Power Platform is Here! Introducing the Dynamics 365 and Power Platform Bug Bounty Program

Microsoft is excited to announce the addition of Power Platform to the newly rebranded Dynamics 365 and Power Platform Bounty Program.

Through this expanded program, we encourage researchers to discover and report high impact security vulnerabilities they may find in the new Power Platform scope to help protect customers. We offer awards up to $20,000 USD for eligible submissions. The following products are now eligible for bounty awards:

• Power Apps
• Power Automate
• Power Virtual Agent
• Power Portals

To learn more about eligible scope and award amounts, please visit the Dynamics 365 and Power Platform Bounty Program page.

Researchers can expect to see the Dynamics 365 and Power Platform Bounty Program continue to grow as we identify new areas of scope for bounty eligibility. Through targeted and expanding program scope, Microsoft can better protect our customers and partner with researchers to secure new and interesting attack surface!

If you have any questions about the new Power Platform scope or general inquiries about any other security research incentive program, please email us at [email protected].

Madeline Eckert and Lynn Miyashita, MSRC