'Secure Open Source Rewards' to help in preventing assaults on the software supply chain. Check out how! – Economic Times

The SOS.dev initiative 'Secure Open Source Rewards' will help in preventing assaults on the software supply chain by incentivising researchers to offer security upgrades to essential projects.

This new initiative aims to reward developers and security experts who enhance crucial infrastructure that uses open source software. According to those who support it, the 'Secure Open Source' rewards initiative will cover more ground than bug bounty schemes currently do.

By encouraging academics and developers to make security changes, the programme would "harden vital open source projects" and aid in protecting against application and software supply chain threats.

Save Our Software

The NIST definition of "vital software," the scope of the security enhancements and the number of users who stand to gain will be considered when selecting qualified projects for the 'Save Our Software Secure Open Source Rewards'.

Rewards range from $505 for simple changes to $10,000 or more for "complex, high-impact and enduring enhancements that virtually surely avert severe vulnerabilities." As SOS.dev develops, we will add additional enhancements to the goals.

Million Dollar Funding

In contrast to traditional bug bounty programmes, the programme named 'Secure Open Source Rewards' draws on developers' help with security enhancements rather than merely vulnerabilities. Additionally, it will provide a small amount of up-front financing for initiatives seeking to enhance security over the long term.

The initiative comes as businesses plan to improve the security of their most important apps and infrastructure. Software supply chains are receiving more attention, particularly the significance of key open source components throughout the ecosystem.

We will continue to see significant breaches resulting from software supply chain attacks if we don't take action right away to address these Achilles' heels. "Supply chain security starts with the original contributor and the security of their coding standards, computing environment and build systems," said Andrew Martin, CEO at ControlPlane and CISO at OpenUK.

Disclaimer: This content is authored by an external agency. The views expressed here are that of the respective authors/ entities and do not represent the views of Economic Times (ET). ET does not guarantee, vouch for or endorse any of its contents nor is responsible for them in any manner whatsoever. Please take all steps necessary to ascertain that any information and content provided is correct, updated and verified. ET hereby disclaims any and all warranties, express or implied, relating to the report and any content therein.
