Microsoft puts up $250,000 reward for new security ideas

Microsoft is offering more than $250,000 in prizes for developing new computer protection technologies.

Microsoft is offering more than $250,000 in prizes for developing new computer protection technologies.

The BlueHat Prize competition is aimed at stimulating research in defensive computer security technology in the face of increasing attacks on private and government computer systems.

Microsoft hopes the competition will provide enhanced security for the Windows operating system, as well as for the applications that run on it.

"Our interest is to promote a focus on developing innovative solutions rather than discovering individual issues. We believe the BlueHat Prize can catalyse defensive efforts to help mitigate entire classes of attacks," says Matt Thomlinson, general manager, Trustworthy Computing Group, Microsoft.

Top prize is $200,000, second prize is $50,000 and third prize is an MSDN Universal subscription valued at $10,000.

Winners will retain IP ownership of their work and will grant Microsoft a licence to use it in its products

Prizes will be awarded for the most effective ways to prevent the use of memory safety vulnerabilities such as JITSpray which have been shown to defeat existing Microsoft defences such as data execution prevention (DEP) and address space layout randomisation (ASLR).

Examples of similar technologies include data execution prevention, which helps prevent attacks that attempt to exploit vulnerabilities in software.

"Microsoft wants to encourage more security experts to think about ways to reduce threats to computing devices," says Katie Moussouris, senior security strategist lead for the Microsoft Security Response Centre.

"We're looking to collaborate with others to build solutions to tough industry problems. We believe the BlueHat Prize will encourage the world's most talented researchers and academics to tackle key security challenges," she said.

The competition is open until 1 April 2012 and will be judged by a panel of Microsoft security engineers based on practicality, functionality, robustness, and impact.

Read more on Antivirus, firewall and IDS products