- We’re launching two areas of research for our Bug Bounty and Data Bounty programs: scraping bugs and scraped databases.
- For reports on scraping bugs, we’ll issue monetary rewards, and for reports on scraped databases, we’ll reward through matched charity donations.
Our Bug Bounty program works with researchers to help us detect and fix issues across our apps faster so that we can better protect our community. So far this year, we’ve awarded over $2.3 million to researchers from more than 46 countries and have received around 25,000 reports in total, issuing bounties on over 800. And now we’re expanding our programs to address new challenges and welcome more researchers.
Today, we’re launching two new updates to our Bug Bounty and Data Bounty programs around scraping. As scraping continues to be an internet-wide challenge, we’re excited to open up these new areas of research for our bug bounty community.
We know that automated activity designed to scrape people’s public and private data targets every website or service. We also know that it is a highly adversarial space where scrapers — be it malicious apps, websites or scripts — constantly adapt their tactics to evade detection in response to the defenses we build and improve. As part of our larger security strategy to make scraping harder and more costly for the attackers, today we are beginning to reward valid reports of scraping bugs in our platform.
Starting as a private bounty track for our Gold+ HackerPlus researchers, our bug bounty program will award reports about scraping methods, even if the data they target is public. Specifically, we’re looking to find bugs that enable attackers to bypass scraping limitations to access data at greater scale than the product intended. Our goal is to quickly identify and counter scenarios that might make scraping less costly for malicious actors to execute. While lack of proper rate limiting is now included in the program’s scope (our terms still do not allow anyone to automate access and collection of data), we want to particularly encourage research into logic bypass issues that can allow access to information via unintended mechanisms, even if proper rate limits exist. We’ve provided our Gold+ researchers with examples on such bypasses to help jumpstart this research.
To the best of our knowledge, this is the first scraping bug bounty program in the industry. We will work to address feedback from our top bounty hunters before expanding the scope to a greater audience.
Starting today, our data bounty program will also cover scraped datasets found online. We will reward reports of unprotected or openly public databases containing at least 100,000 unique Facebook user records with PII or sensitive data (e.g. email, phone number, physical address, religious or political affiliation). The reported dataset must be unique and not previously known or reported to Meta. We aim to learn from this effort so we can expand the scope to smaller datasets over time.
If we confirm that user PII was scraped and is now available online on a non-Meta site, we will work to take appropriate measures, which may include working with the relevant entity to remove the dataset or seeking legal means to help ensure the issue is addressed. For example, if the dataset is a result of a misconfigured third-party application, we will work with the developer to address the issue. Alternatively, if the dataset is exposed on a hosting service (e.g. S3 bucket, file-sharing service), we will make efforts with the host (Amazon, Box, Dropbox, etc.) to take this dataset offline.
As always, we will issue rewards in both programs based on the maximum impact of each report, with a minimum reward of $500 per each scraping bug or dataset.
Scraped datasets: We will reward valid reports of scraped datasets in the form of charity donations to nonprofits of our researchers’ choosing to ensure that we do not incentivize scraping activity. Per our donation matching policy, we will match each bounty, which means that researchers will be directing an even higher bounty to the causes important to them.
Scraping bugs: We will be issuing monetary rewards for valid reports about scraping bugs, similar to how we’ve always issued rewards for eligible submissions to our Bug Bounty program. Researchers, of course, can choose to donate a bounty to a recognized charity (subject to approval by Meta).
We’re looking forward to our community’s research and feedback in these two new research areas.
Learn more on our Engineering at Meta blog.
Facebook: Giving Senior Dogs Loving Homes
Celebrating many identities within a global community of impact: An Asian and Pacific Islander Heritage Month conversation
Srinivas Prasad Sugasani: It’s such fun to connect with you on Asian and Pacific Islander Heritage Month. As Asians and Pacific Islanders, I feel that we have so much to celebrate. At the same time, as we think about some of the events and realities that we have navigated recently, I’m curious from your perspective,…
Srinivas Prasad Sugasani: It’s such fun to connect with you on Asian and Pacific Islander Heritage Month. As Asians and Pacific Islanders, I feel that we have so much to celebrate. At the same time, as we think about some of the events and realities that we have navigated recently, I’m curious from your perspective, Jane, what do you feel is different about this past year?
Jane Hesmondhalgh: We’ve continued on our journey of working to create an inclusive culture at Microsoft. And there is still a gap between our aspired culture and everyone’s lived experiences today. For some, that gap may be small; for others it may be larger. But the fact that at Microsoft we have this value system we’re aspiring to is, I think, very much aligned to the Asian and Pacific Islander communities.
We’re consistently working toward respect, accountability and high integrity at Microsoft. I would say that our continued work to make progress is not so much different this year, but that we’re focusing even more effort on it.
Unfortunately, this past year we have seen the continued trend of acts of hate toward Asians globally. But the fact that Microsoft is strongly supporting the community in the face of those is super critical for the community. And that much-needed support is not a one-time event where we say something and then we’re on to the next thing. It’s the ongoing recognition that acts against violence, injustice and inequities across the world are unacceptable.
SPS: That’s right. We’ve also been focused on community education in the wake of this alarming rise in acts of hate and violence — how the community can leverage safety practices, and how can we work with the local government communities to increase safety.
JH: Our Inclusion Council has also been really engaged in these discussions. Other examples of sustained commitment to the community include the events we’ve done to engage with external experts in ongoing learning such as Microsoft Include, and of course the support of our Asians at Microsoft Employee Resources Group (ERG). I have heard from the community specifically that one of the most powerful things they’ve attended this year are our community calls, where people have had the opportunity to talk through how they’re feeling with others who may have experienced similar things.
SPS: Based on what we heard from our community, we’ve also been increasingly focused on how we strengthen and support the advancement of the ERG and its members at the company. I am really proud of how we’ve been working with outside experts on leadership development across the company, all the way from entry-level employees to the most senior in the company. This is the kind of year-round investment that is directly benefiting the community.
JH: I’m so passionate about this piece — the leadership education for Asians and Pacific Islanders. When I started as the sponsor for the Asians ERG, that was the No. 1 feedback, that the community wanted unique and tailored leadership education.
As we know, there are 4.7 billion people in this broad community across the world. Asians and Pacific Islanders make up 60% of the world population. That really strikes me. Because within that, there are so many different perspectives. So, a question for you is, how do we ensure that different types of conversations and perspectives from the entire community are brought in?
SPS: As you said — 60% of the global population! And we are trying to represent diversity within the community at that scale. It’s actually one of our strategic pillars in our ERG — including all community members. I think we’re doing a really good job with that. The leadership team has ensured that we include many voices, and as a result of that diversity of thought, we’ve seen new steps and actions being taken. For example, we had an Asians ERG art exhibition. We had a day of remembrance where people could talk about their practices, cultures, ancestors. We had a stand-up comedy event. And we’ve focused specifically on women inventors. Those are just a few examples.
So, focusing on the many dimensions of identity within our global community ensures that we can all share our experiences and learn from each other.
JH: This leads me to reflect on the word “community” and what does that mean? With a global team located all over the world, how do we bring everybody together in a sense of community? At Microsoft the community is a combination of people, cultures and beliefs. So, I think that community piece is our connection to the history across the Asia Pacific region. Within this vast land mass, we can appreciate and understand the differences and uniqueness of the people in the sub-communities and societies. We talked earlier about Microsoft’s culture and values. I think one thing that helps us is that Asian values around integrity and respect are very similar to the company’s. And then of course we go beyond respect to actually celebrating our cultures. Each of our ERG chapters and groups, each culture, is a contribution that is valuable to the world.
And these values are actually critical for the work ahead, right? This year, next year and beyond, we want to tackle the biggest problems that divide us as a society. And we’ve got that microcosm of society within our Asian and Pacific Islander community. We can play a huge role in landing the mindset of interconnectivity and learning both within and outside the company. Each person must be committed to driving positive change, be more intentionally inclusive in the workplace and build our empathy. With this, we can build momentum to meet the challenges of the world.
SPS: Well said Jane. As you’re speaking, I’m thinking about my own personal journey as well. Part of my life I lived on a farm in a small village. I experienced a community there where everybody looked like me, spoke like me with a very similar kind of language. When I lived in various cities, that was the first time I’d experienced people looking like me but speaking different dialects.
And then when I started working on a multinational level, I encountered people who had such a range of cultural differences from me. What I’ve learned is whether it is living in a village, in a small community or at the global level, human values remain the same. I’ve realized more recently that as things become more complex, more turbulent, and we do not know what future will hold, the constant is the values that we all stand for. And that is true across the Asian and Pacific Islander communities, and all across Microsoft and our nine ERGs and many dimensions of identities.
JH: You know, I never thought about it in this way but because you shared a little bit about your own background, I’ll share something about when we moved from the U.S. back to the U.K. In his new school, my son felt left out, and suddenly struggled with questions around “I am British, but do they think I am American or Chinese?” He didn’t feel that sense of belonging, and all these new questions of identity came up which he held to himself. Things did get better, but it reminds me that it’s all of our responsibility to help each other understand that while people are different, everybody has something to offer. People need to feel like they’re valued and that they can contribute without being judged.
SPS: It is so true. Thank you for sharing that. Are there any misperceptions about the Asian and Pacific Islander community that you would like to address?
JH: I’ve heard people say things like, gosh Asians are good at math and science, and they have an easier entry to STEM fields and occupations. I don’t know that I would ever categorize it as easier or not easier. There are many Asians who are not good at math and science, right? It’s a generalization, and there are a lot of these.
Another misconception is that because the Asian population is large, there are a lot of Asian leaders. But actually, the statistics have shown that we’re the least likely of all racial groups to become managers and executives. We need more role models and pathways to that senior level, which is where those development efforts we spoke about earlier come in. And of course, some other misconceptions came up during the pandemic around Chinese people.
So again, what combats these types of misconceptions and harmful stereotypes is learning and building our understanding and empathy for one another.
SPS: I absolutely agree. We will continue this work with the Microsoft communities and our leadership. I look forward to the impact we will make in the coming year. Thank you so much, Jane, for the chance to have this conversation. I look forward to our celebrations and recognition this month!
JH: Thank you, Srinivas! Happy Asian and Pacific Islander Heritage Month!
3 ways to turn your field service operation into a revenue-generating machine
For decades, companies have relied on skilled technicians to repair equipment and engage with customers in the field. While these technicians were often the only representation that the customer would see, their skills, processes, and systems were seldom seen as critical aspects of the company’s revenue cycle. Until recently, many field technicians or field service…
For decades, companies have relied on skilled technicians to repair equipment and engage with customers in the field. While these technicians were often the only representation that the customer would see, their skills, processes, and systems were seldom seen as critical aspects of the company’s revenue cycle. Until recently, many field technicians or field service teams were merely thought of as necessary cost centers. But like other parts of the organization, even the cost centers must learn to innovate and discover additional revenue–generating opportunities.
Field service is the process of organizing and managing work tasks that need to be completed at a particular location, usually a customer site. The field service process often includes many variables and can be quite complex. It encompasses dispatching, scheduling, skills matching, and route optimization, to name a few. Many people have been in a situation where they’re expected to wait all day for a technician because they’ve been given a broad arrival window time between the hours of 8 AM and 4 PM. Well, that’s field service—albeit, a rather inefficient model.
As the field service domain evolves, companies are learning their inefficiencies in the field can quickly cost them revenue as customer satisfaction is negatively impacted and the lifetime value of their customers decreases. And while companies across all industries are realizing the extended costs of inefficient field service operations, those that are innovative have begun to understand how to also leverage field service to generate more revenue. Cost reductions by becoming more efficient can be great, but reducing costs while increasing revenue is pure gold.
Here are three ways to drive revenue through your field service operations and how Microsoft Dynamics 365 Field Service can help create efficiencies.
1. Lead generation
This may sound odd primarily because lead generation has always been a staple of marketing and sales operations. But who else gets to know your customers better than your field technicians? Here’s a quick personal story:
After a recent move, I called several internet service providers. For starters, I selected the provider that could deliver service in the least amount of time. Upon arrival, the technician asked about other services, particularly mobile phone service. Since I had a different mobile phone carrier, he said they have specials and asked if I would be interested in hearing them. Shortly after confirming my interest and completing my internet installation, a field salesperson knocked on my door and converted me over to their mobile plan. A lead generated and a sale transacted—all originating from the field technician’s simple question.
Field technicians are skilled workers that often have a series of tasks needed to complete the service. By simply including a question or by noting a specific item on their task list, a Microsoft Power Automate flow can be triggered to automatically create a lead and route it to the sales team. This creates a qualified lead for the sales team and a cross-sell revenue opportunity for the company.
2. Expanding business units: Field Service-as-a-Service
To truly turn your field service operations into a revenue generator, the current operation must become efficient. Efficiency requires innovation; that is, innovation of processes, system platforms, and people. When it comes to field service operations, it’s safe to say not all organizations innovate at the same pace and some prefer not to innovate at all. This is where your innovation and efficiencies can become a revenue-generating asset.
For example, a large healthcare facilities provider began as a facilities management operation. They provided facilities management services to the vast and growing network of healthcare providers. Continuing to innovate and drive efficiencies with Dynamics 365 Field Service, the healthcare facilities provider quickly recognized the value they could bring to other healthcare provider networks and began offering their services to other hospitals. By leveraging their efficiencies, they were able to provide great value to more than 160 hospitals which allows their customers to create better patient experiences. The healthcare facilities provider is a great example of how field service efficiencies were used to create a revenue-generating business unit.
3. Connected Field Service: leverage data
Connected Field Service leverages IoT data collected from device sensors and integrates with Dynamics 365 Field Service to create a new revenue-generating service model. Connected Field Service allows organizations to graduate from the traditional break-fix service model to a proactive and predictive service model. This shift creates opportunities for organizations to market and sell new service offerings that yield greater revenue and increase margin.
A connected field service example is a Pacific Northwest mechanical contractor company. The organization specializes in developing energy-efficient buildings. However, by capturing the data from IoT sensors, their connected field service solution enables them to offer post-construction optimization services. IoT sensors capture a building’s energy levels and proactively dispatches a service technician prior to failure—thus, ensuring operational efficiency within their customers’ facilities. Building on their efficiencies, they can conserve and reduce travel costs by performing remote inspections and service with Dynamics 365 Remote Assist. Such efficiency creates opportunities to sell more advanced support offerings thereby increasing revenue and profitability.
Learn more about Dynamics 365 Field Service
The good news is that becoming more efficient in field service operations can be extremely valuable to your organization. The better news is that through innovation, field service operations can even be transformed into a revenue-generating machine.
Bay View is open — the first campus built by Google
AWS Week in Review – May 16, 2022
Personalize your machine translation results by using fuzzy matching with Amazon Translate
Build a cold start time series forecasting engine using AutoGluon
AWS Local Zones Are Now Open in Las Vegas, New York City, and Portland
Use deep learning frameworks natively in Amazon SageMaker Processing
Amazon2 months ago
Build a cold start time series forecasting engine using AutoGluon
Amazon7 months ago
AWS Local Zones Are Now Open in Las Vegas, New York City, and Portland
Amazon5 months ago
Use deep learning frameworks natively in Amazon SageMaker Processing
Amazon11 months ago
Build accurate ML training datasets using point-in-time queries with Amazon SageMaker Feature Store and Apache Spark