Today Microsoft announced the BlueHat security prize, which will award $260,000 in cash and prizes at the Black Hat USA event in 2012.
Microsoft claims that it is putting together the prize to “generate new ideas for defensive approaches to support computer security.” First prize will take home $200,000 in cash, second place $50,000 in cash, and third a MSDN Universal subscription that the company claims is worth $10,000.
The timing of the creation of the prize is no accident, with global computer attacks growing more frequent in the public eye, and often more brazen. Lulzsec and Anonymous have, with their antics, brought hacking and insecure computing to the forefront of the mind of the average consumer.
Microsoft, which has an obvious vested interest in computer systems being secure, can well afford the prize pool (208,000 times at its current cash level), thus making the investment worth the potential reward: an innovative new approach to security.
Of course, with the winners to be announced at the Black Hat event, Microsoft is making a readable gesture to the more occluded computer security world.
Specifically, the competition “challenges security researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities.” The criteria for winning is innovation, with the most innovative project taking down the top prize, according to Microsoft copy.
TNWmicrosoft likes the move by Microsoft as it should stimulate discussion, and perhaps shake loose a few new ideas, but it seems a slow way to find answers to big questions, questions that need to be resolved now, and not perhaps in a year.