Donation campaign launched, aimed at OpenSSL audit

Share this article:

A new funding drive has been created to entice security researchers to help discover flaws in OpenSSL.

Australian security start-up Bugcrowd, which offers a crowdsourced bug bounty marketplace, has launched the program, according to a blog post by the company.

Following the discovery of the Heartbleed bug and its impact on the internet as a whole, as well as statements made by Steve Marquess, president of the OpenSSL Software Foundation, regarding the need for funding to conduct a formal security audit on the open source software, Bugcrowd took action.

The company will organize “sprint bounties” – similar to normal bounty programs but involving a capped budget and set disclosure periods – which will reward members of the security community for discovering flaws with money donated to the campaign. Bugcrowd intends to cover all of its own costs associated with this effort.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS