
New Mozilla fund will pay for security audits of open-source code

Discussion in 'Network World' started by RSS, Jun 10, 2016.

  1. RSS

    A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software.

    Mozilla has set up a US$500,000 initial fund that will be used for paying professional security firms to audit project code. The foundation will also work with the people maintaining the project to support and implement fixes and manage disclosures, while also paying for the verification of the remediation to ensure that identified bugs have been fixed.

    The initial fund will cover audits of some widely-used open source libraries and programs.
