At Black Hat 2019 (world's leading information security event) yesterday, Microsoft announced the Azure Security Lab, a sandbox-like environment for security researchers to test its cloud security.
The Azure Security Lab is a set of dedicated cloud hosts for security researchers to test attacks against IaaS scenarios, and which is isolated from Azure customers. As well as offering a secure testing space, the lab program will enable participating researchers to engage directly with Microsoft Azure security experts. Accepted applicants will have access to quarterly campaigns for targeted scenarios with added incentives, as well as regular recognition and exclusive swag.
Azure is exceptionally secure. To help keep it that way, Microsoft is doubling the top bounty reward for Azure vulnerabilities to $40,000. Bug bounty programs are a great complement to existing internal security programs. They help motivate individuals and groups of hackers to not only find flaws but disclose them properly, instead of using them maliciously or selling them to parties that will.
Microsoft is committed to ensuring our cloud is secure from modern threats. They built Azure with security in mind from the beginning, and work to help customers secure their Azure cloud environment with products such as Azure Sentinel and Azure Security Center. And if a situation arises, Microsoft's Cloud Defense Operations Center (CDOC) and security teams work around the clock to identify, analyze, and respond to threats in real time.