The new scenario-based rewards have been created to entice researchers to put more effort into finding “vulnerabilities that have the highest potential impact on customer privacy and security”. Microsoft Bounty Program places the new awards on top of the current general awards given for security bugs. In total, the new scenario-based awards provide up to $26,000 in bounty awards.
Scenario-Based Rewards
In a blog post to announce the new conditions, Microsoft provides the following breakdown of rewards: “Dynamics 365 and Power Platform Bounty Program M365 Bounty Program Eligible submissions may qualify for 15-30% bonuses on top of the general M365 bounty awards and will be awarded the single highest qualifying award. Tip of the day: The Windows Sandbox gives Windows 10/11 Pro and Enterprise users a safe space to run suspicious apps without risk. In out tutorial we show you how to enable the Windows Sandbox feature.