Donation campaign launched, aimed at OpenSSL audit

Share this article:

A new funding drive has been created to entice security researchers to help discover flaws in OpenSSL.

Australian security start-up Bugcrowd, which offers a crowdsourced bug bounty marketplace, has launched the program, according to a blog post by the company.

Following the discovery of the Heartbleed bug and its impact on the internet as a whole, as well as statements made by Steve Marquess, president of the OpenSSL Software Foundation, regarding the need for funding to conduct a formal security audit on the open source software, Bugcrowd took action.

The company will organize “sprint bounties” – similar to normal bounty programs but involving a capped budget and set disclosure periods – which will reward members of the security community for discovering flaws with money donated to the campaign. Bugcrowd intends to cover all of its own costs associated with this effort.

Share this article:

Sign up to our newsletters

More in News

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.

IG scolds NOAA on security deficiencies, recommends fixes

IG scolds NOAA on security deficiencies, recommends fixes

An audit of NOAA by the inspector general found security shortcomings, including the link between information systems and satellite systems.

HP tests 10 popular IoT devices, most raise privacy concerns

HP tests 10 popular IoT devices, most raise ...

In a study, HP Fortify tested 10 popular Internet of Things (IoT) devices, including TVs, webcams and device control hubs.