HackerOne is bringing bug hunting and software testing to open source developers to help make open source software more secure and safer to use.
A lot of modern tools and technologies depend on open source software, so a security flaw can wind up having a widespread impact — the Heartbleed flaw in OpenSSL, for example. Many open source projects still rely on the “thousand eyes” concept when it comes to software security — that anyone being able to see the source code means defects are found and fixed faster. While it’s true to some extent, it doesn’t apply if no one is actually looking at the code, as we’ve learned repeatedly over the past few years.
To read this article in full or to leave a comment, please click here