1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Discussion in 'CSO' started by RSS, Sep 2, 2016.

  1. RSS

    RSS New Member Member

    Microsoft has expanded its bug bounty programs to cover the open-source .NET Core and ASP.NET Core application development platforms.

    The .NET Core and ASP.NET Core technologies are used to create server applications that can run on Windows, Linux, and Mac. The ability to write code once and have it run on multiple platforms have made these technologies popular with enterprise software developers.

    Microsoft will pay monetary rewards between US$500 and $15,000 for critical vulnerabilities in the RTM (release to manufacturing), Beta, or RC (release candidate) releases of these platforms.

    Flaws in Microsoft's cross-platform Kestrel web server are also covered by the new bug bounty program, as well as vulnerabilities in the default ASP.NET Core templates provided with the ASP.NET Web Tools Extension for Visual Studio 2015 or later.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page