{"id":6487,"date":"2022-01-25T09:43:04","date_gmt":"2022-01-25T09:43:04","guid":{"rendered":"https:\/\/pstqb.pt\/?p=6487"},"modified":"2022-01-25T10:46:01","modified_gmt":"2022-01-25T10:46:01","slug":"comissao-europeia-lanca-programa-que-recompensa-a-deteccao-de-bugs-nos-seus-projectos","status":"publish","type":"post","link":"https:\/\/pstqb.pt\/en\/comissao-europeia-lanca-programa-que-recompensa-a-deteccao-de-bugs-nos-seus-projectos\/","title":{"rendered":"European Commission Launches Program to Reward Bug Detection in Its Projects"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"6487\" class=\"elementor elementor-6487\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5a0c173 elementor-section-boxed elementor-section-height-default elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-column-slider-no wpr-equal-height-no\" data-id=\"5a0c173\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-24d47c2\" data-id=\"24d47c2\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c086ef7 elementor-widget elementor-widget-text-editor\" data-id=\"c086ef7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The European Commission has launched a program that rewards the detection of <em>bugs<\/em> in its <em>Open Source<\/em> projects that support its public services.<\/p><p><em>Bug<\/em> bounty hunters can receive up to \u20ac5,000 (the equivalent of 5,600 US dollars) for finding security vulnerabilities in open source <strong><em>software<\/em><\/strong> 
used throughout the European Union (EU), including <em>LibreOffice<\/em>, <em>LEOS<\/em>, <em>Mastodon<\/em>, Odoo and <em>CryptPad<\/em>. This program, led by the European <em>bug<\/em> bounty platform <em>Intigriti<\/em>, will also offer a bonus of 20% if a code fix for the bugs is provided by the researchers.<\/p><p>In a statement released on January 19, the EC said that it is looking for reports of security vulnerabilities, such as the exposure of personal data, horizontal\/vertical privilege escalation and <em>SQL<\/em> injection. The highest reward will be paid for the detection of \"exceptional vulnerabilities\".<\/p><p>This latest program follows on from another program, called FOSSA, also run by the EU, which paid out more than 220,000 dollars in its 18 months of operation, and which was heralded as a \"<a href=\"https:\/\/portswigger.net\/daily-swig\/open-source-community-toasts-efforts-of-eu-fossa-2-bug-bounty-program\">remarkable success<\/a>\".<\/p><p>Speaking to <em>The Daily Swig<\/em>, Inti De Ceukelaire, head of <em>hackers<\/em> at <em>Intigriti<\/em>, said that the partnership came about last year, when <em>Intigriti<\/em> led a program funded by the EC's <em>ISA2<\/em> program. \"We are committed to further nurturing the relationship with the open source communities that we have established over the last few years,\" said the Belgian <em>tester<\/em>. \"Personally, I believe that all government bodies should have and encourage the use of vulnerability disclosure policies and introduce or adopt unequivocal laws to support vulnerability research. <em>Bug<\/em> bounties, among other <em>crowdsourcing<\/em> initiatives, are a great way of encouraging this.\"<\/p><p>De Ceukelaire added: \"Virtually all organizations use open source projects in one way or another. Identifying and resolving security vulnerabilities in these projects has an impact at scale. 
The <em>Log4j<\/em> incident has shown us that supporting the security of widely used open source projects is an absolute necessity, so we can only applaud this initiative by the European Commission.\"<\/p><p>\u00a0<\/p><div style=\"font-size: 15px; font-style: normal; font-weight: 500;\"><span style=\"font-size: 15px;\">The original article\u00a0<\/span><span style=\"font-size: 15px;\">via <i>The Daily Swig <\/i><\/span><span style=\"font-size: 15px;\">can be read at:<br \/><\/span><a href=\"https:\/\/portswigger.net\/daily-swig\/european-commission-launches-new-open-source-software-bug-bounty-program\">https:\/\/portswigger.net\/daily-swig\/european-commission-launches-new-open-source-software-bug-bounty-program<\/a><\/div><div>\u00a0<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>The European Commission has launched a program that rewards the detection of bugs in its Open Source projects that underpin its public services. Bug bounty hunters will be able to receive up to \u20ac5,000 (the equivalent of 5,600 US dollars) for finding security vulnerabilities in open source software used throughout the European Union (EU), including LibreOffice, LEOS, Mastodon, Odoo and CryptPad. This program, led by the European bug bounty platform Intigriti, will also offer a bonus of 20% if a code fix for the bugs is provided by the researchers. In a statement released on January 19, the EC said it is looking for reports of security vulnerabilities such as the exposure of personal data, horizontal\/vertical privilege escalation and SQL injection. The highest reward will be paid for the detection of \"exceptional vulnerabilities\". This latest program follows on from another program, called FOSSA, also run by the EU, which paid out more than 220,000 dollars in its 18 months of operation, and which was heralded as a \"remarkable success\". 
Speaking to The Daily Swig, Inti De Ceukelaire, head of hacking at Intigriti, said that the partnership came about last year when Intigriti led a program funded by the EC's ISA2 program. \"We are committed to further nurturing the relationship with the open source communities that we have established over the last few years,\" said the Belgian tester. \"Personally, I believe that all government bodies should have and encourage the use of vulnerability disclosure policies and introduce or adopt unambiguous laws to support vulnerability research. Bug bounties, among other crowdsourcing initiatives, are a great way to encourage this.\" De Ceukelaire added: \"Virtually all organizations use open source projects in one way or another. Identifying and resolving security vulnerabilities in these projects has an impact at scale. The Log4j incident has shown us that supporting the security of widely used open source projects is an absolute necessity, so we can only applaud this initiative by the European Commission.\" The original article via The Daily Swig can be read at: 
https:\/\/portswigger.net\/daily-swig\/european-commission-launches-new-open-source-software-bug-bounty-program<\/p>","protected":false},"author":2,"featured_media":6501,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[31],"tags":[],"class_list":["post-6487","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-destaque"],"_links":{"self":[{"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/posts\/6487","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/comments?post=6487"}],"version-history":[{"count":0,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/posts\/6487\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/media\/6501"}],"wp:attachment":[{"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/media?parent=6487"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/categories?post=6487"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pstqb.pt\/en\/wp-json\/wp\/v2\/tags?post=6487"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}