UPDATED 18:38 EDT / AUGUST 05 2019

CLOUD

Offering $300K to hack its cloud, Microsoft launches new Azure Security Lab

Microsoft Corp. announced today at the Black Hat USA Conference in Las Vegas the creation of a new Azure Security Lab that it believes will bolster the security of its public cloud service.

The company said that Azure Security Lab is an isolated set of dedicated cloud hosts designed to be tested by security professionals in order to strengthen the defenses of its cloud systems. The lab is isolated to ensure that anyone who is invited to “confidently and aggressively test Azure” will not disrupt the service while they’re doing so.

Microsoft’s own security researchers will work alongside the invited security pros to study the results of those tests. And Microsoft is encouraging security pros to “come and do their worst” to ensure that no stone is left unturned in its effort to find vulnerabilities within Azure.

“The isolation of the Azure Security Lab allows us offer something new: Researchers can not only research vulnerabilities in Azure, they can attempt to exploit them,” the company said when announcing the project. “Accepted applicants will have access to quarterly campaigns for targeted scenarios with added incentives, as well as regular recognition and exclusive swag.”

Microsoft is accepting applications from security researchers who would like to test Azure now. The company is offering a sizable bounty too, with rewards of up to $300,000 promised for those who can crack its security challenges.

In addition, Microsoft is upping the rewards on offer in its traditional Azure bug bounty program from $20,000 to $40,000. The company said it has paid out over $4.4 million in rewards over the last 12 months, up from $2 million a year ago. Now it’s teasing would-be hackers with even greater incentives.

The whole idea of bug bounties is that they encourage outsiders to test security systems for vulnerabilities and other bugs that could potentially put corporate assets and user data at risk. Companies would rather hand out rewards than see their systems get hacked, as any security breach could be far more costly, hitting their reputation as well as their bottom line.

As well as the increased rewards, Microsoft said it’s now accepting Safe Harbor principles, which means that security researchers can identify and report vulnerabilities in its systems without fear of legal repercussions.

Microsoft’s rivals offer similar bug bounty programs. Google LLC recently upped its maximum reward to $30,000 for “high quality” reports of vulnerabilities, up from its previous cap of $15,000.

Analyst Holger Mueller of Constellation Research Inc. said it was a sign of confidence from Microsoft that it’s inviting co-called white-hat hackers to try to break into its cloud.

“It’s a great approach to accelerate the efforts of infrastructure-as-a-service vendors to make their clouds more secure,” Mueller said. “One can hope Microsoft’s competitors will follow this initiative. But executives need to be reminded that direct hacking is the lesser threat than social engineering, which they still have to protect their enterprises from.”

Photo: 9sdworld/Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.