News

EU to fund bug bounties

Ethical hackers could earn up to $100,000 if they can spot vulnerabilities in the free open source software used by the European Union

2 Jan 2019

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 2 Jan 2019

The European Union (EU) has set up a bug bounty for 15 applications to help uncover security flaws in the most popular free and open source software on the web.

Bug bounties are a prize for people who actively search for security issues and the EU is calling on ethical hackers and developers to help find vulnerabilities in the open source projects it relies on.

The initiative was announced by Julia Reda, a member of the European Pirate Party and the co-founder of The Free and Open Source Software Audit Project (FOSSA), and will see the EU fund 15 bug bounties ranging from $30,000 to $100,000 depending on the software in question and the size of the vulnerability.

The FOSSA project started in 2014 to help improve the overall security of the internet after serious vulnerabilities were found. One of the issues found was in the Open Source encryption library OpenSSL.

"The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure," Reda said. "Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things.

"But the Internet is not only crucial to our economy and our administration. It is the infrastructure that runs our everyday lives. It is the means we use to retrieve information and to be politically active."

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_content-image-mobile@1/v1570816598/itpro/2019/01/screen_shot_2019-01-02_at_11.27.04.png { display: none !important; }

A list of the open source projects - courtesy of Julia Reda's EU profile page

In January the European Commission will launch 14 out of the total 15 bug bounties on free software projects that the EU institutions rely on. The software projects chosen include Filezilla, Apache Kafka and Drupal and were identified as candidates during a public survey.

open source

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1647524037/itpro/Whitepaper%20covers/Thumbnail_Accelerating_AI_modernisation.jpg { display: none !important; }

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1650973650/itpro/Whitepaper%20covers/Recommendations_AI_risks_thumb.png { display: none !important; }

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1655219614/itpro/Whitepaper%20covers/Intro_to_cloud_databases_thumb.png { display: none !important; }

Free Download

Powering through to innovation

IT agility drive digital transformation

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1655800725/itpro/Whitepaper%20covers/HCI_2.0_Powering_through_to_innovation.png { display: none !important; }

Free Download

EU to fund bug bounties

Ethical hackers could earn up to $100,000 if they can spot vulnerabilities in the free open source software used by the European Union

Most Popular

Get the IT Pro newsletter

Get the free daily newsletter from IT Pro, delivering the latest news, reviews, insights and case studies