GitHub launches ‘Security Lab’ to help secure open-source ecosystem
At the GitHub conference on Thursday, GitHub announced a new program called Security Lab, a collaboration between different security researchers to fix bugs in open source projects. GitHub stated that the team will dedicate full-time resources to find vulnerabilities in popular open-source projects. The members come from organizations like Microsoft, Google, Intell, J.P. Morgan, LinkedIn, VMWare, and other tech giants.
GitHub stated that the lab had already found, reported, and fixed over 100 security flaws. The program is open to other organizations and individual researchers. Bug bounty awards extend up to $3,000 to compensate hunters for time.