CyberNews Briefs

HackerOne expands Internet Bug Bounty project to tackle open source bugs

HackerOne will be expanding its Bug Bounty program, seeking to increase overall open-source security. Open-source projects are relied upon by enterprise players and SMBs alike and can represent significant security risks, as open-source components are stored and shared publicly. They range from full operating systems to education tools, server software, libraries, and more. The Linux Foundation recently found that there was a high demand for open-source programmers and experts. However, 92% of managers surveyed were facing challenges filling open-source programming positions.

Due to the shortage and nature of open-source components, HackerOne decided to expand the bounty program to find open-source bugs as well. The shortage and lack of oversight create a situation where security issues can slip through. GitHub research suggested that on average, it takes up to four years to discover open-source vulnerabilities. The majority of open-source vulnerabilities are caused by mistakes and human error, says GitHub. HackerOne hopes that it will be able to identify and fix vulnerabilities found in open-source components.

Read More: HackerOne expands Internet Bug Bounty project to tackle open source bugs

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.