Microsoft has announced a bug bounty program for its open-source election software ElectionGuard, allowing researchers to uncover vulnerabilities and help bolster election security.
Available as a software development kit (SDK), ElectionGuard aims to make voting tamper-proof by leveraging encryption to “enable a new era of secure, verifiable voting.” It also allows individual voters to confirm that their votes were correctly counted.
“Security researchers play an integral role in the ecosystem by discovering and reporting vulnerabilities to Microsoft through coordinated vulnerability disclosure,” the Windows maker said.
The bug bounty offers security professionals, part-time hobbyists, and students a reward of up to $15,000 for eligible submissions with a clear and concise proof of concept (POC) that demonstrates how the discovered high impact vulnerability could have an impact on the security of its users.
ElectionGuard was officially launched in May, and last month, the company announced its general availability, making it possible for technology suppliers to integrate the software into their voting systems.
To that effect, the company is working with election machine vendors and local governments to deploy the system in a pilot program for the upcoming 2020 US election.
The move is also part of the tech giant’s wider attempts under the “Defending Democracy Program” that seeks to protect political campaigns from cyber threats and defend against disinformation operations.
Microsoft has repeatedly stressed the role of tech industry in safeguarding electoral processes, stating “addressing this threat to democracy will require significant new efforts by governments, technology companies […] as well as academia and civil society.” So, it’s good to see the company trying to get this right.