EU to fund bug bounties

Ethical hackers could earn up to $100,000 if they can spot vulnerabilities in the free open source software used by the European Union

code syntax on laptop

The European Union (EU) has set up a bug bounty for 15 applications to help uncover security flaws in the most popular free and open source software on the web.

Bug bounties are a prize for people who actively search for security issues and the EU is calling on ethical hackers and developers to help find vulnerabilities in the open source projects it relies on.

The initiative was announced by Julia Reda, a member of the European Pirate Party and the co-founder of The Free and Open Source Software Audit Project (FOSSA), and will see the EU fund 15 bug bounties ranging from $30,000 to $100,000 depending on the software in question and the size of the vulnerability.

The FOSSA project started in 2014 to help improve the overall security of the internet after serious vulnerabilities were found. One of the issues found was in the Open Source encryption library OpenSSL.

"The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure," Reda said. "Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things.

"But the Internet is not only crucial to our economy and our administration. It is the infrastructure that runs our everyday lives. It is the means we use to retrieve information and to be politically active."

A list of the open source projects - courtesy of Julia Reda's EU profile page

In January the European Commission will launch 14 out of the total 15 bug bounties on free software projects that the EU institutions rely on. The software projects chosen include Filezilla, Apache Kafka and Drupal and were identified as candidates during a public survey.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

Redis closes another round of funding, raking in an additional $110 million
open source

Redis closes another round of funding, raking in an additional $110 million

8 Apr 2021
Six things a developer should know about Postgres
Whitepaper

Six things a developer should know about Postgres

22 Mar 2021
Best Linux distros 2021
operating systems

Best Linux distros 2021

26 Feb 2021
Golang XML parser vulnerability could enable SAML authentication bypass
vulnerability

Golang XML parser vulnerability could enable SAML authentication bypass

15 Dec 2020

Most Popular

REvil threatens to release Apple’s hardware schematics
ransomware

REvil threatens to release Apple’s hardware schematics

21 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Samsung Galaxy S21 Ultra review: Ultra in every sense of the word
Mobile Phones

Samsung Galaxy S21 Ultra review: Ultra in every sense of the word

22 Apr 2021