Linux Foundation Will Run Secure Open Source Pilot Program
Google has announced its new Secure Open Source (SOS) Pilot Program. The initiative will fund developers who are working to harden the security posture of open source applications. SOS will be administered by the Linux Foundation.
Google says the company will kick off the program with a $1 million investment and plans to expand the program.
The reward program intends to provide the support that helps make open source software safe and secure.
The new SOS program will focus on software supply chain security improvements for pipelines and distribution infrastructure. It will also focus on software signing and verification.
“To complement existing programs that reward vulnerability management, SOS’s scope is comparatively wider in the type of work it rewards, in order to support project developers,” says the announcement.
SOS Reward Amounts:
- $10,000+ for high-impact and lasting improvements that prevent major vulnerabilities
- $5,000-$10,000 for moderately complex security improvements
- $1,000-$5,000 for submissions of modest complexity and impact
- $505 for small improvements
Upfront funding is also available.
What is Open Source Software?
Open source software began as a way for computer programmers to share software and coding knowledge and learn from each other. Eventually, open source apps were commercialized and became a way to develop cheaper applications that compete with mainstream software from enterprise developers like Microsoft. Today there are over 180,000 open-source projects, according to Wikipedia.
Google says that the selection of suggested security improvements for funding will consider how many users will benefit from the upgrades. Selection will also consider the impact the improvements will have on infrastructure and user security.
Only work completed after October 1, 2021 will qualify for SOS rewards.