Addressing the assembed throngs at the Black Hat conference, Kymberlee Price, Microsoft’s security community manager said that Azure Security Lab is a set of dedicated cloud hosts isolated from Azure customers so security researchers can test attacks against cloud scenarios. The isolation means researchers can not only research vulnerabilities in Azure, they can attempt to exploit them.
The Azure Security Lab isn’t open to the public — you have to apply. Microsoft is promising quarterly campaigns for targeted scenarios with added incentives, including shedloads of cash. Security researchers will get access to Vole's own Azure security experts.
Microsoft said that it has issued $4.4 million in bounty rewards over the past year. Microsoft today also formalized its two-decade Safe Harbor commitment. These principles ensure security researchers receive recognition for their work.