HackerOne Offers Free Service For Open Source Projects
On Thursday, Mar. 3, HackerOne announced the availability of a free version of its bug bounty service. The platform called HackerOne Community Edition will provide tools to open source projects for creating bounty programs to improve software security and managing vulnerability submissions.
Open Source Projects Get Free Access To HackerOne Platform
Threat Post reported that eligible open source projects will receive the subscription to HackerOne Professional service for free. The new HackerOne Community Edition will provide all the benefits of the professional service, except the dedicated customer support. The access to the service includes a deduplication service, vulnerability submission coordination, analytics and bounty programs for projects. However, on all cash bounties paid, the company will still charge its usual 20 percent payment processing fee.
HackerOne company's approach and product are inspired and built on a culture of collaborative software development and open source. This program is a first of its kind. When it comes to running efficient, simple and productive security programs, the company aims to ensure that open-source projects received as much support as possible.
HackerOne Company's History
HackerOne was founded in 2012 and since then has been connecting businesses with security researchers in order to help find software. Many companies have been using its platform for public and private bounties, including Kaspersky Lab, Adobe, Nintendo, Microsoft, Twitter, and Facebook. On Thursday, Rockstar Games became the latest company to announce a public bounty.
HackerOne said that it was compelled to offer the HackerOne Professional subscription for free because it recognizes that open source underpins many products and services. According to the company, currently, 36 open source projects use its platform. Over 1,200 vulnerabilities have been resolved in projects, including GitLab, Discourse, Ruby, Rails, Django, Sentry and Brave.
Eligibility Condition For Open Source Initiative License
According to Computerworld, open-source projects must be older than three months old, active and covered by an Open Source Initiative (OSI) license in order to qualify for the Community Edition service. Projects that apply must also promote the security program, must publish a policy for submitting vulnerabilities and must respond to new reports in under a week. Some other open-source projects that do not qualify for the Community Edition Initiative license are covered under the Internet Bug Bounty program run by HackerOne and sponsored by Microsoft and Facebook.
Zerodium Triples iPhone and iOS 10 Exploit Bounty To $1.5 million
The iOS 10 and iPhone bug bounty is raised by Zerodium to $1.5 million.
Apple To Offer Hundreds Of Thousands Of Dollars In Security Bounty Program
Apple has announced its new big rewards bug bounty program.
Google Vulnerability Rewards Program Is Paying More For Android Security Bugs
Google is increasing the rewards for finding Android security vulnerabilities.
MORE IN ITECHPOST
How Scars are Formed and How to Remove It
Scar formation is a result of a biological process in skin after an injury or trauma. It is formed when the dermis layer of the skin is damaged. It is our body's way to repair tissues and organs and is a natural part of the healing process. A scar tissue is composed of the same type of collagen it is replacing with. Scars lacks elasticity compared to normal tissue. There are different degrees of scarring depending on the injury the tissue is subjected to.
Johns Hopkins Researchers Discover Material That Could Someday Power Quantum Computer
Quantum computers with the ability to perform complex calculations, encrypt data more securely and more quickly predict the spread of viruses, may be within closer reach thanks to a new discovery by Johns Hopkins researchers.
Black Holes Stunt Growth of Dwarf Galaxies
UC Riverside astronomers find large-scale winds associated with active black holes in small galaxies suppress star formation
'Resident Evil 6' and 'Resident Evil 5' Demos are Now Available on Nintendo Switch
Fans of "Resident Evil" can finally play the demos for the fifith and sixth installment on Switch.