• Hunting for AI Bug Bounty

  • Jul 17 2024
  • Length: 21 mins
  • Podcast

Hunting for AI Bug Bounty

Listen for free

View show details

  • Summary

  • In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Technical Program Manager at Microsoft Lynn Miyashita and Principal Research Manager, Andrew Paverd. They discuss the evolution of bug bounty programs into the realm of artificial intelligence, specifically focusing on Microsoft's initiative launched in October 2023. Lynn explains that the AI Bug Bounty incentivizes external security researchers to discover and report vulnerabilities in Microsoft's AI systems, such as Copilot, across various platforms including web browsers and mobile applications. Andrew elaborates on the concept of a "bug bar," which sets the criteria for vulnerabilities eligible for the program. They emphasize the importance of identifying security issues that could arise uniquely from AI systems, such as prompt injection vulnerabilities. The discussion highlights Microsoft's structured approach to handling reported vulnerabilities through their Security Response Center, emphasizing quick mitigation and coordination with researchers to ensure timely fixes and public disclosure. In this episode you’ll learn: How AI Bug Bounty programs are reshaping traditional security practices Dangers of prompt injection attacks, and their capacity to exfiltrate sensitive data Why you should engage in AI bug hunting and contribute to the evolving security landscape Some questions we ask: Which products are currently included in the Bug Bounty program? Should traditional bug bounty hunters start doing AI bug bounty hunting? How can someone get started with AI bug hunting and submitting to your program? Resources: View Lynn Miyashita on LinkedIn View Andrew Paverd on LinkedIn View Sherrod DeGrippo on LinkedIn Microsoft AI Bug Bounty Program Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show more Show less
Show more Show less

What listeners say about Hunting for AI Bug Bounty

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
No Reviews are Available