EU introducing bug bounty on Free Software projects it uses

eu fossa bug bounty program

The EU started Free and Open Source Software Audit (FOSSA) back in 2014. Now, in the coming January 2019, FOSSA is back again. EU has announced as many as 15 bug bounties in 2019 on Free Software Projects that the EU institutions rely on.

Back in 2014, the EU started FOSSA which helped it identify cybersecurity vulnerabilities in important Free Software Projects. One of the most important finds that year were issues found in the Open Source encryption library OpenSSL.

Bug Bounties are popular with companies which are open to giving freelancers a chance to penetrate the cybersecurity arrangements of their websites or open source software. If somebody is able to spot a bug they are given a bounty which largely depends on the severity of the issue/bug found.

The newest addition of the FOSSA has open source projects that include the likes of Filezilla, Apache Kafka, VLC Media Player, Drupal, and Notepad++. The bounties range from €25,000 to €90,000. Most of these projects are opening early in January 2019. By October 2020, the last of the projects would end. Participants can contribute to these projects by analyzing software and submitting their findings on the provided bug bounty platforms.