Microsoft has announced a new bug bounty program to push the limits of Sphere Linux OS. To that end, the company has announced “The Azure Sphere Research Challenge” that offers security researchers and hackers up to $100,000 in bounty if they are able to hack the OS.
Microsoft built Azure Sphere Linux OS last year and the OS was designed to run on specialized chips for IoT devices. The “The Azure Sphere Research Challenge” is an extension of Azure Security Lab which was announced in 2019. The challenge will run from 1st June 2020 to 31st August 2020 and will require researchers to execute codes on Azure Pluton and Azure Secure World. Microsoft will provide the eligible researchers with the following:
- Azure Sphere development kit (DevKit)
- Access to Microsoft products and services for research purposes
- Azure Sphere product documentation
- Direct communication channels with the Microsoft team
Microsoft has opened the registration for the bug bounty program and interested researchers are required to submit the application form before May 15, 2020. Microsoft will review the application on a weekly basis and accepted researchers will be notified via email. The challenge focuses on the Sphere OS. Vulnerabilities found outside the research initiative scope, including the Cloud portion, may be eligible for the public Azure Bounty Program awards.