Google bigger Open Source Bounties, soon also for Javascript Fuzzing

Google is expanding its OSS-Fuzz bounty program and offering rewards of up to $30.000 for researchers who find security flaws in open source programs.

body parser expressjs

The expanded scope of the program now means that the total rewards per integration increase from $20.000 to $30.000. The purpose of OSS-Fuzz is to support open source projects with fuzz testing, and the new reward categories support those who create more ways to integrate new projects.

Google has created two new reward categories that reward broader improvements across all OSS-Fuzz projects.

It offers up to $11.337 per category. It also offers rewards for notable FuzzBench fuzzer integrations and for incorporating new sanitizers or “bug detectors” that help find vulnerabilities.

"We hope to accelerate the integration of critical open source projects into OSS-Fuzz by providing stronger incentives for security researchers and open source maintainers," he says Oliver Chang of Google's OSS-Fuzz team.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.097 registrants.
OSS-Fuzz, google, javascript

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).