HackerOne announced it will provide its HackerOne Pro platform as a free service to open source projects, supporting them with vulnerability submission, coordination and bug bounties.
The San Francisco-based vulnerability coordination and bug bounty platform is offering a Community Edition subscription service for free so users, developers and hackers can submit vulnerability reports.
According to a release, HackerOne’s Community Edition provides “tools for managing these reports, responding to them, and where appropriate, paying bounties to reward your community for their contributions.” It differs from the company’s Professional version in not providing dedicated customer support and program assistance.
A number of open source projects – including Ruby, Rails, Discourse, Django, GitLab, Brave, and Sentry – use the platform, and the company said more than 1,200 vulnerabilities in open source projects had been resolved using its tools.
To be eligible, open source projects must be active, at least three months old, and covered by an Open Source Initiative (OSI) license, which stipulates that software can be freely used, modified and shared.