Microsoftannounced that it will host an offline event called Zero Day Quest.hacker conference, which aims to encourage researchers to discover ways to influence cloud computing andAIHigh-risk security vulnerabilities in software for workloads.
Tom Gallagher, vice president of engineering at Microsoft's Security Response Center, said, "This new hackathon will be the largest of its kind, and we're offering an additional $4 million (IT Home note: currently about 28.938 million yuan) in prizes to be awarded to high-impact areas, theParticularly in the areas of cloud computing and artificial intelligence. 'Zero Day Quest' will provide new opportunities for the security community to work hand-in-hand with Microsoft engineers and security researchers to bring together the top minds in security to share, learn and build communities to keep everyone safe."
"Day Zero Discovery is now accepting research submissions, and qualified researchers will have the opportunity to attend an offline hackathon at Microsoft's Redmond headquarters in 2025.
Microsoft will double its bounty on AI vulnerabilities, theand provide security researchers with direct access to Microsoft AI engineers and the company's AI Red Team... The Artificial Intelligence Red Team is a group of experts that specializes in testing the weaknesses of Microsoft's AI systems.
As part of our ongoing commitment to transparency, we'll be sharing details on fixing vulnerabilities so the entire industry can learn from them -- after all, security is a team sport," said Vasu Jakkal, corporate vice president at Microsoft. " Any critical vulnerabilities will be shared through the Common Vulnerabilities and Exposures (CVE) program, and Microsoft plans to share all lessons learned across Microsoft to improve its cloud and AI security.
Earlier this year, Microsoft made security a top priority for every employee, after the company experienced years of security problems and was heavily criticized by the U.S. Cybersecurity Review Board.
Microsoft Security Exposure Management, also available today, provides defenders with a graph-based view of an organization's login credentials, permissions and other security-related elements to identify potential attack vectors.