Microsoft announced that it will organize a new hacking event called “Zero Day Quest” in order to increase the security of cloud and artificial intelligence systems. This event aims to encourage research into high-impact vulnerabilities by expanding the company’s existing bug bounty program. It will specifically focus on vulnerabilities that may affect cloud-based infrastructure and artificial intelligence workloads.
Tom Gallagher, Vice President of Engineering at Microsoft Security Response Center, stated that the event will be one of the largest hacking organizations in the industry and said, “Zero Day Quest will offer an additional reward opportunity of $ 4 million for research on cloud and artificial intelligence security. “This event will bring together the security community with Microsoft engineers, uniting the best minds for a common purpose,” he said.
Applications for the Zero Day Quest event are being accepted as of today. Research eligible for the prize will earn the right to participate in a physical hacking event to be held at Microsoft’s headquarters in Redmond, Washington in 2025. This process will offer security researchers the opportunity to work directly with Microsoft engineers and share experience.
Microsoft announced that it is doubling the bounty amount for artificial intelligence-related vulnerabilities. As part of the event, researchers will be given the opportunity to work directly with Microsoft’s artificial intelligence engineers and the AI Red Team team. The AI Red Team consists of a group of experts tasked with detecting and analyzing vulnerabilities in the company’s artificial intelligence systems.
Microsoft Security Vice President Vasu Jakkal emphasized the importance the company attaches to transparency and said, “We will share the details of the errors detected in this process with the entire industry after they are corrected. Because security is an area that requires teamwork,” he said. In addition, critical vulnerabilities will be made public through the Common Vulnerabilities and Exposures (CVE) program. Microsoft plans to improve cloud and artificial intelligence security by sharing the information obtained on these vulnerabilities throughout the company.
Microsoft launched a comprehensive security transformation process in 2023
The Zero Day Quest event stands out as part of the comprehensive security transformation process that Microsoft launched in 2023. The company announced that it had made security a top priority for all its employees, following the security problems experienced in previous years.
In addition, Microsoft today introduced a new tool called “Security Exposure Management.” This tool will help businesses identify potential attack points by providing a graphic-based view of logins, permissions, and other security-related elements.