Huawei
Huawei, OpenAtom, and more launches vulnerability sharing and security reward program
Huawei, OpenAtom, Tencent, and some more tech vendors jointly announced a new vulnerability-sharing platform and security reward program. As the term reflects, the respective platform focuses on retaining better security of open-source software projects.
On the other hand, the security reward program encourages developers and researchers to actively participate and identify hidden security vulnerabilities in open-source projects. Let’s understand these terms in more detail.
When a vulnerability is detected in any project ranging between serious, high-risk, medium, or low-risk ratings, it will be considered as a valid defect. Developers and researchers when encountering such types of vulnerabilities, can submit it via the open-source vulnerability-sharing platform.
Meanwhile, they can also report the vulnerability using the OpenAtom open-source foundation. Here, you need to run the Security Center Email PGP public key to encrypt the defect information. Thereafter, complete the registration and identity authentication.
Both the vulnerability-sharing platform and security reward program by Huawei, OpenAtom, and others will help in the vulnerability management of open-source software and projects. These facilities will further improve multiple operations such as collecting defects, verifying, assessing, reporting, repairing, and publishing.
Eventually, it significantly optimizes the task of finding and fixing zero-day vulnerabilities in native open-source software projects. Currently, the sharing platform website shows a few options in the top menu bar including Project Hall, Contribution list, Announcements, and Submissions.
(Via)