'A secure dev lifecycle has a much higher ROI than letting the public do the bug detection work for you'

Microsoft's bug bounty program has exploded in terms of scope and payouts.…

The text above is a summary, you can read full article here.