Today Microsoft announced a new contest called the BlueHat Prize, designed to spur innovation in computer security protection technology. The company has put up a prize pot worth over $250,000 for the top 3 contestants to split at next year’s Black Hat USA convention.
Microsoft is easily paying out more in this contest than the bug hunt bounty offered by Google, and definitely more than the newly launched bounty program by Facebook. The large pot is necessary as Microsoft believes that the rampant and increasing attacks against corporation and government computer systems calls for security researchers to look at a bigger picture rather than focusing on one bug at a time.
“Microsoft recognizes the need to stimulate research in the area of defensive computer security technology,” said Matt Thomlinson, Microsoft’s Trustworthy Computing Group GM. “Our interest is to promote a focus on developing innovative solutions rather than discovering individual issues. We believe the BlueHat Prize can catalyze defensive efforts to help mitigate entire classes of attacks.”
The first-place winner will receive the lion’s share of $200,000. Second-place winner will receive $50,000 and the third place winner get’s a subscription Microsoft’s security developers network. Entries can be submitted from today to April 1 2012. Contestants will be allowed to retain the rights their intellectual property but they are required to irrevocably license the IP to Microsoft royalty-free and forever. Microsoft employees and residents of Cuba, Iran, North Korea, Sudan and Syria are ineligible to participate in the contest.
Senior director of Adobe product security Brad Arkin said, “this research has the potential to lower costs for third-party developers and increase the level of security assurance for end users. I am looking forward to seeing what the creativity of the community can deliver.”