Google is backing a new project from the Linux Foundation to the tune of $1 million that aims to bolster the security of critical open-source projects.
Rather than a bug bounty, Google’s latest investment – a part of its $10 billion pledge to President Biden’s cybersecurity push – seeks to address potential security issues before they become bugs through improvements in hardening software against attacks.
Dubbed Secure Open Source (SOS), the pilot program, run by the Linux Foundation, “financially rewards developers for enhancing the security of critical open-source projects”.
The rewards range from “$10,000 or more” for hardening software in a way that prevents major bugs to $505 for “small improvements” that have merit, according to a Google blogpost.
Rewards of between $5,000 and $10,000 are available for “moderately complex improvements that offer compelling security