IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

EU to fund bug bounties

Ethical hackers could earn up to $100,000 if they can spot vulnerabilities in the free open source software used by the European Union

code syntax on laptop

The European Union (EU) has set up a bug bounty for 15 applications to help uncover security flaws in the most popular free and open source software on the web.

Bug bounties are a prize for people who actively search for security issues and the EU is calling on ethical hackers and developers to help find vulnerabilities in the open source projects it relies on.

The initiative was announced by Julia Reda, a member of the European Pirate Party and the co-founder of The Free and Open Source Software Audit Project (FOSSA), and will see the EU fund 15 bug bounties ranging from $30,000 to $100,000 depending on the software in question and the size of the vulnerability.

The FOSSA project started in 2014 to help improve the overall security of the internet after serious vulnerabilities were found. One of the issues found was in the Open Source encryption library OpenSSL.

"The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure," Reda said. "Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things.

"But the Internet is not only crucial to our economy and our administration. It is the infrastructure that runs our everyday lives. It is the means we use to retrieve information and to be politically active."

A list of the open source projects - courtesy of Julia Reda's EU profile page

In January the European Commission will launch 14 out of the total 15 bug bounties on free software projects that the EU institutions rely on. The software projects chosen include Filezilla, Apache Kafka and Drupal and were identified as candidates during a public survey.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022