Microsoft has launched an AI bug bounty program, placing the AI-powered Bing experience as the first product under scrutiny, with potential rewards reaching up to $15,000. The program's primary aim is to motivate researchers worldwide to seek out vulnerabilities within the Bing chatbot and AI integrations.
As Microsoft states on the AI bounty program's website, "The Microsoft AI bounty program invites security researchers from across the globe to discover vulnerabilities in the new, innovative, AI-powered Bing experience. Qualified submissions are eligible for bounty rewards from $2,000 to $15,000."
Additionally, other products and integrations can also be considered for bounty awards, including AI-powered Bing integration within Microsoft Edge, AI-powered Bing integration in the Microsoft Start app, and AI-powered Bing integration in the Skype Mobile app. Any identified vulnerabilities within these integrations can be submitted for assessment and are eligible for rewards.
The primary objective of the AI bounty program is to identify substantial vulnerabilities within the innovative AI-powered Bing experience that have a direct and verifiable impact on customer security.
Eligible applicants should be at least 14 years of age, and minors need to obtain permission from a legal guardian to participate.
In a recent blog post reviewing the past year's bounty programs, Microsoft announced that it had granted $13.8 million in incentives to 345 security researchers worldwide. These researchers discovered 1,180 vulnerabilities across 17 distinct bug bounty programs.
As part of its bug bounty initiative last year, Microsoft expanded its coverage to include Exchange on-premises, SharePoint, and Skype for Business and increased the maximum rewards for reporting high-impact security flaws via the Microsoft 365 platform.
Inputs from IANS