The two companies have launched a new joint project called Internet Bug Bounty

Nov 7, 2013 09:51 GMT  ·  By

Microsoft has recently announced an extension for its Windows 8.1 bug bounty program, but it turns out that it also wants to make the Internet safer with help from its rivals.

Facebook and Microsoft joined forces for a new project called Internet Bug Bounty, which encourages hackers and security researchers to submit bugs for cash rewards.

Hacking any Internet flaw brings back a $5,000 payment, with Microsoft asking security experts to look for holes that are widespread, severe, novel, and vendor agnostic.

There are several categories included in the project, as follows: Sandbox Escapes ($5,000 / €3,700), OpenSSL ($2,500 / €1,850), Python ($1,500 / €1,110), Ruby ($1,500 / €1,110), PHP ($1,500 / €1,110), Django (coming soon), Rails ($1,500 / €1,110), Perl ($1,500 / €1,110), Phabricator ($300 / €220), Nginx ($500 / €370), and Apache httpd ($500 / €370).

Security holes submitted by applicants will be reviewed by a panel of experts from Microsoft, Facebook, Google, iSEC Partners, and Etsy.

“The Internet Bug Bounty is managed by a panel of volunteers selected from the security community. These security experts are responsible for defining the rules of the program, allocating bounties to where additional security research is needed most, and mediating any disagreements that might arise,” the official page of the program reads.

Unsurprisingly, Microsoft is now paying much more attention to the overall security of its products, so the company recently launched a similar bug bounty program aimed at finding flaws in Windows 8.1 and Internet Explorer 11.

The company has offered $128,000 (€94,600) in rewards for bugs found in its software, with one security expert receiving a $100,000 (€73,900) prize for finding a flaw in Windows 8.1.

Microsoft recently decided to extend the program and give more security experts the chance to get cash for the bugs they find, in another attempt to make both its operating systems and the latest versions of the in-house browser more secure.