paid $ 13.6 million in rewards through its Bug Bounty Program between July 1, 2020 and June 30, 2021. They went to a total of 341 security researchers. The amount is slightly lower than in 2019.
The highest amount was paid under the Hyper-V Bounty Program, which deals with vulnerabilities in the virtualization layer of, and containers for Windows and Linux applications in the cloud. Microsoft currently has 17 such programs, with the Hyper-V program offering the highest possible reward of up to $ 250,000.
“Averaging more than $ 10,000 per award across programs, each of the 1,200+ eligible reports reflects the talent and creativity of the global security research community and their invaluable partnership in addressing the challenges of an ever-changing security environment,” it says in a blog entry by the Microsoft Security Response Center (MSRC).