Are you an open source software ethical hacker? The European Commission invites you to find security vulnerabilities in 15 open source software projects, which are widely used by the EU institutions. Rewards range from EUR 3,000 to EUR 25,000. An additional 20% bonus will be offered for providing a fix for the detected vulnerabilities.

After a successful pilot in December 2017, the European Commission is now expanding its bug bounty programme to 15 open source software, which are widely used by the EU institutions.

The bug bounty programme is a key component of the EU-FOSSA 2 project, the second phase of the EU-FOSSA initiative funded by the EU. During its first phase the project created an inventory of open source software used at the European Commission and carried out code reviews of two open source software, namely KeePass and Apache HTTP Server. The EU-FOSSA is managed by the European Commission's Directorate General of Informatics (DIGIT), and implements the European Parliament's Pilot Project "Governance and quality of software code – Auditing of free and open source software". It’s main goal is to make open source software more secure.

For more information visit the EU-FOSSA page on JoinUp.