Microsoft announces its own Black Hat-style hacking event with substantial prizes for AI security

Share

Microsoft is hosting a personal hacking event, Zero Day Quest, which it says will be the largest of its kind. The event will build on Microsoft’s existing bug bounty program and encourage research into solemn vulnerabilities that could impact software running cloud and AI workloads.

“This new hacker event will be the largest of its kind, with a potential $4 million in prizes dedicated to research in high-impact areas, particularly cloud and artificial intelligence,” explains Tom Gallagher, vice president of engineering at the response center on Microsoft security. “Zero Day Quest will provide the security community with new opportunities to work hand-in-hand with Microsoft security engineers and researchers – bringing together the best minds in security to share, learn, and build community as we work to keep everyone safe.”

Mission Zero Day begins today, and Microsoft is accepting submissions for research eligible for awards. These submissions will qualify security researchers to attend the 2025 Personal Hacking Event at Microsoft headquarters in Redmond, Washington.

Microsoft is doubling its AI bounties and also offering security researchers direct access to Microsoft AI engineers and the company’s AI Red Team, a group of experts who examine Microsoft’s AI systems for failures.

“As part of our ongoing commitment to transparency, we will share details of bugs as they are fixed so that the entire industry can learn from them — after all, security is a team sport,” says Vasu Jakkal, corporate vice president of security at Microsoft. Any critical vulnerabilities will be made available through the Common Vulnerabilities and Exposures (CVE) program, and Microsoft plans to share any findings across Microsoft to improve cloud and AI security.

This recent security event comes as Microsoft begins its largest security transformation in history. Earlier this year, Microsoft made security its number one priority for every employee, following years of security problems and a scathing report from the U.S. Cybersecurity Review Board.

Microsoft Security Exposure Management also launches today, providing defenders with a graphical view of credentials, permissions, and other security-related elements that can identify potential attack vectors.

Latest Posts

More News