GitHub’s new Security Bug Bounty Programme

In a bid to make the internet safer, GitHub is launching its new Security Bug Bounty Programme, similar to the one it launched three years ago, but on a larger scale.

Along with Facebook and the Ford Foundation, the development platform has donated up to US$100,000 to the Internet Bug Bounty (IBB), to help catch more internet vulnerabilities in open source software and internet infrastructure.

The IBB has previously caught over 625 vulnerabilities and has been awarded over US$616,350 within the largest software communities, which include RubyGems, Ruby, Phabricator, PHP, Python and OpenSSL.

According to GitHub, US$300,000 is going to be spent on improving the IBB, including a new Data Processing Programme to “encompass numerous widespread data parsing libraries as these have been an increasing avenue for exploitation” and an expansion of “coverage of technologies that serve as the technical foundation of a free and open Internet, such as OpenSSL.”

Written from press release by Leah Alger