2 matches found
An Empirical Study of Security-Policy Related Issues in Open Source Projects
GitHub recommends that projects adopt a SECURITY.md file that outlines vulnerability reporting procedures. However, the effectiveness and operational challenges of such files are not yet fully understood. This study aims to clarify the challenges that SECURITY.md files face in the vulnerability...
Mozilla Expands Bug Bounty to Web Apps
Mozilla has decided to follow the lead of Google and expand its bug-bounty program to pay for vulnerabilities found on certain of its Web sites, including the site for Firefox and the main Mozilla site. The group said that bounties for bugs found on the eligible sites will start at $500 and could...