A new set of bug bounties was launched on 13 of January 2022 using the Intigriti bug bounty platform. In total, an amount of EUR 200,000 was funded by the European Commission Open Source Programme Office (EC OSPO) to focus again on the security of open source software widely used by public services.
Researchers are called to find security vulnerabilities such as leaks of personal data, horizontal/vertical privilege escalation and SQLi. The highest reward will be EUR 5000 for exceptional vulnerabilities and a 20% bonus if the fix is also provided. One criteria in selecting bug bounties was their use within European public services. LibreOffice, Mastodon, Odoo and Cryptpad amply met this criterion and were therefore selected. In addition, the EC OSPO decided to select LEOS, a legal editor used by European Commission, Parliament, Council and several member states.
The European Commission Open Source Programme Office (EC OSPO) was created in 2020 as the first concrete action of the latest Open Source Software Strategy for 2020-2023. It acts as a facilitator for activities outlined in the strategy and the action plan guided by six principles: open, transform, share, contribute, secure, stay in control. In practice, the Commission aims to reinforce an internal working culture that is already largely based on the principles of open source and achieve the goals of the strategy by the following concrete actions:
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more