Hands-On Bug Hunting for Penetration Testers

Microsoft

Microsoft has a rewards program covering both its stable of consumer software and its web-app products, such as its cloud offering, Azure. The Microsoft Bounty Program site goes into detail about submission-report formatting, showing examples of both good and bad specimens, and has detailed, specific testing guidelines for every Microsoft property included. But there isn't a deep reserve of learning material from a general pentesting perspective, and there is less in the way of community. Microsoft, like many other companies, has its own public leaderboard and ranking system.

Their blog is a good source for more general Infosec analysis. In one series, they provide an in-depth analysis, including source code examples, of Windows exploits used by the Shadow Brokers, the infamous hacking syndicate known to have leaked NSA hacking tools in the summer of 2016.