HackerOne Offers Free Service For Open Source Projects
On Thursday, Mar. 3, HackerOne announced the availability of a free version of its bug bounty service. The platform, called HackerOne Community Edition, will give open source projects tools for creating bounty programs to improve software security and for managing vulnerability submissions.
Open Source Projects Get Free Access To HackerOne Platform
Threatpost reported that eligible open source projects will receive a subscription to the HackerOne Professional service for free. The new HackerOne Community Edition will provide all the benefits of the professional service except dedicated customer support. Access to the service includes a deduplication service, vulnerability submission coordination, analytics and bounty programs for projects. However, the company will still charge its usual 20 percent payment processing fee on all cash bounties paid.
HackerOne's approach and product are inspired by and built on a culture of collaborative software development and open source. This program is the first of its kind. When it comes to running efficient, simple and productive security programs, the company aims to ensure that open-source projects receive as much support as possible.
HackerOne Company's History
HackerOne was founded in 2012 and has since been connecting businesses with security researchers in order to help find software vulnerabilities. Many companies have used its platform for public and private bounties, including Kaspersky Lab, Adobe, Nintendo, Microsoft, Twitter, and Facebook. On Thursday, Rockstar Games became the latest company to announce a public bounty.
HackerOne said that it was compelled to offer the HackerOne Professional subscription for free because it recognizes that open source underpins many products and services. According to the company, 36 open source projects currently use its platform. Over 1,200 vulnerabilities have been resolved in projects including GitLab, Discourse, Ruby, Rails, Django, Sentry and Brave.
Eligibility Condition For Open Source Initiative License
According to Computerworld, open-source projects must be older than three months, active and covered by an Open Source Initiative (OSI) license in order to qualify for the Community Edition service. Projects that apply must also promote the security program, publish a policy for submitting vulnerabilities and respond to new reports in under a week. Some other open-source projects that do not qualify for the Community Edition are covered under the Internet Bug Bounty program, which is run by HackerOne and sponsored by Microsoft and Facebook.