The top three winners* in the BlueHat Prize competition will earn a total approximate retail value of over $250,000 in cash and prizes: $200,000 for the Grand prize; $50,000 for second-place; and an MSDN Universal subscription valued at $10,000 for third-place. Prizes will be awarded to contestants who design a novel way to prevent the use of memory safety vulnerabilities, a key area of focus for Microsoft. Examples of similar technologies include Data Execution Prevention (DEP), which helps prevent attacks that attempt to exploit vulnerabilities in software.
The new twist on the incentive is designed to inspire researchers to engage in ground-breaking research, unlike other companies that pay per-vulnerability.
The official competition rules and guidelines are available at www.BlueHatPrize.com and submissions will be accepted up to Sunday, April 1, 2012. A panel of Microsoft security engineers will judge submissions based on the following criteria:
- Practicality and Functionality (30 percent)
- Robustness—how easy it would be to bypass the proposed solution (30 percent)
- Impact (40 percent)
The winners will be announced at Black Hat USA 2012.
* Government employees are not eligible to participate in the competition but we thought the initiative would interest you as further evidence of Microsoft’s commitment to ensuring the online safety and security of users in a world where the proliferation and sophistication of threats is constantly on the increase.
Posted by Stuart