
Linux Foundation Will Run Secure Open Source Pilot Program
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Google has announced its new Secure Open Source (SOS) Pilot Program. The initiative will fund developers who are working to harden the security posture of open source applications. SOS will be administered by the Linux Foundation.
Google says the company will kick off the program with a $1 million investment and plans to expand the program.
The reward program intends to provide the support that helps make open source software safe and secure.
READ Google Paid Out $6.7M in Bug Bounty Rewards Last Year
The new SOS program will focus on supply chain software security improvements for pipelines and distribution infrastructure. it will also focus on software signing and verification.
“To complement existing programs that reward vulnerability management, SOS’s scope is comparatively wider in the type of work it rewards, in order to support project developers,” says the announcement.
READ Microsoft Announces $100k Azure Security Bug Bounty Program
SOS Reward Amounts:
- $10,000+ high-impact and lasting improvements that prevent major vulnerabilities
- $5,000-$10,000 for moderately complex security improvements
- $1,000-$5,000 for submissions of modest complexity and impact
- $505 for small improvements
Upfront funding is also available.
Learn Cyber Security Skills Online at Your Own Pace
- Google Cloud Security
- Google Cloud Networking
- Introduction to Cybersecurity Tools & Cyber Attacks
- Linux Security
- Cyber Security 10 Domains
- IBM Fundamentals
- AWS Cloud Native
What is Open Source Software?
Open source software began as a way for computer programmers to share software and coding knowledge to learn from each other. Eventually, open source apps were commercialized and became a way to develop cheaper applications that compete with mainstream software from enterprise developers like Microsoft. Today there are over 180,000 open-source projects according to Wikipedia.
Google says that suggested security improvements that receive funding will consider how many users will benefit from these upgrades. Selection will also consider the impact the improvements will have on infrastructure and user security.
Only work completed after October 1, 2021 will qualify for SOS rewards.