Skip to main content

EU to fund bug bounty program for top open-source software

The European Union will help cover the expenses of bug bounty programs for 14 open-source projects according to an announcement made by EU Member of Parliament Julia Reda.

The projects that will receive funding for their bug bounty programs are 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player and WSO2.

The bug bounty programs are being sponsored as part of the third edition of the Free and Open Source Software Audit (FOSSA) project.

FOSSA was first approved by EU authorities back in 2015 when security researchers discovered severe vulnerabilities in the OpenSSL library a year earlier.

Third edition of FOSSA

In her announcement, Julia Reda highlighted the importance of free and open-source software, saying:

"The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure. Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things."

The first edition of FOSSA ran between 2015 and 2016 with a budget of €1m and a public survey was held which decided that Apache HTTP web server and the KeePass password manager would receive a sponsored security audit.

FOSSA 2 had a budget of €2m but its bug bounty program was limited to €60,000 for the VLC Media Player app.

Beginning in January, security researchers and companies can hunt for vulnerabilities in the 14 open source projects chosen for FOSSA 3 and report them to earn a monetary award.

Via ZDNet



from TechRadar - All the latest technology news http://bit.ly/2GNeRMX
Labels:

Comments

Post a Comment

Popular posts from this blog

The future of Magic Leap's promising AR efforts dim after layoffs

The Magic Leap Two is now further away than ever, unfortunately. Today in a blog post the augmented reality pioneer announced major layoffs and has decided to cut up to half of its workforce, according to some reports. The original Magic Leap One was supposed to be one of the first mainstream augmented reality headsets when it launched in 2018, but a high price point and lack of interest from developers left the headset high and dry after launch. According to the blog post, Magic Leap says it will be focusing its efforts on enterprise solutions (a statement HTC has made recently as well) and shift its focus away from consumer technology… at least for the time being.  The company has been open about creating a second headset that would offer improved specs for some time, but how that work will now have to go forward without half of the team , according to some estimates, remains to be seen. Is the window closing on augmented reality?  Although it’s just one company, Magic...
Post a Comment
Read more

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy . The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase . Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce. While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandem...
Post a Comment
Read more