HackerOne Offers Free Service For Open Source Projects
On Thursday, Mar. 3, HackerOne announced the availability of a free version of its bug bounty service. The platform, called HackerOne Community Edition, will provide open source projects with tools for creating bounty programs to improve software security and for managing vulnerability submissions.
Open Source Projects Get Free Access To HackerOne Platform
Threatpost reported that eligible open source projects will receive a subscription to the HackerOne Professional service for free. The new HackerOne Community Edition will provide all the benefits of the professional service except dedicated customer support. Access to the service includes a deduplication service, vulnerability submission coordination, analytics and bounty programs for projects. However, the company will still charge its usual 20 percent payment processing fee on all cash bounties paid.
HackerOne's approach and product are inspired by and built on a culture of collaborative software development and open source. This program is the first of its kind. When it comes to running efficient, simple and productive security programs, the company aims to ensure that open-source projects receive as much support as possible.
HackerOne Company's History
HackerOne was founded in 2012 and has since been connecting businesses with security researchers in order to help find software vulnerabilities. Many companies have been using its platform for public and private bounties, including Kaspersky Lab, Adobe, Nintendo, Microsoft, Twitter, and Facebook. On Thursday, Rockstar Games became the latest company to announce a public bounty.
HackerOne said that it was compelled to offer the HackerOne Professional subscription for free because it recognizes that open source underpins many products and services. According to the company, currently, 36 open source projects use its platform. Over 1,200 vulnerabilities have been resolved in projects, including GitLab, Discourse, Ruby, Rails, Django, Sentry and Brave.
Eligibility Condition For Open Source Initiative License
According to Computerworld, open-source projects must be more than three months old, active and covered by an Open Source Initiative (OSI) license in order to qualify for the Community Edition service. Projects that apply must also promote the security program, publish a policy for submitting vulnerabilities and respond to new reports in under a week. Some other open-source projects that do not qualify for the Community Edition are covered under the Internet Bug Bounty program run by HackerOne and sponsored by Microsoft and Facebook.