Microsoft wants help from security researchers from across the world so that it can develop a secure web browser. The company today has announced “Microsoft Edge Insider Bounty Program,” under which Microsoft is going to give security researchers a free hand to discover high impact vulnerabilities in Microsoft Edge Dev and Beta channels.
For a quick refresher, the company has a similar program already in force and that is “Microsoft Edge (EdgeHTML) on Windows Insider Preview” program, which is for, as the name suggests, the old Edge browser. Under the program, Microsoft promises to offer rewards up to $15,000, while the new Microsoft Edge Insider Bounty Program is offering twice the money that is a humongous $30,000.
Below is a list of key things, which Microsoft wants you to remember before you start to find flaws in the Chromium-based browser.
- We aim to complement the Chrome Vulnerability Reward Program, so any report that reproduces on the latest version of Microsoft Edge but not Chrome will be reviewed for bounty eligibility based on severity, impact, and report quality.
- Valid reports affecting the next version of Microsoft Edge will receive a 2X bonus multiplier in the Researcher Recognition Program.
- Faster rewards: the new Microsoft Edge bounty program will provide bounty will award upon completion of reproduction and assessment of each submission.