Open source software security testing

Cite

FOSDEM VZW

Jans, Stijn

Formal Metadata

Title

Open source software security testing

Subtitle

Crowd supported via bug bounty

Title of Series

FOSDEM 2019

Number of Parts

561

Author

Jans, Stijn

License

CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/44455 (DOI)

Publisher

FOSDEM VZW

Release Date

2019

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

The European Commission has launched the EU-FOSSA2 project where they want to invest in the security of open source projects by running bug bounty programs against popular software. Intigriti got the first position in this contract and will be running programs for some really known open source projects. In these programs, users from the community will be invited to help testing the security of these programs and will be rewarded for finding vulnerabilities. In this talk we will explain how bug bounty actually works, announce which programs can be found, which bounties can be earned and how the process flow works.