As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.
The European Commission in January is funding 14 bug bounty programs in hopes of sniffing out vulnerabilities in the free open source projects that EU institutions rely on.
The bug bounty programs span 14 open source software projects and offer a total of almost $1 million for all bounties combined. The programs have varying rewards, start and end dates, and platforms. The first bug bounty programs – for FileZilla, Apache Kafka, Notepad++, PuTTY, and VLC Media Player – begin next week on Jan. 7.
The initiative stems from the Free and Open Source Software Audit project (FOSSA), first created by European Parliament member Julia Reda.
Read more at ThreatPost