Open Source App Vulnerabilities


Companies that use open source tools will need to perform daily, rather than occasional, security checks this year.

Early in 2019, the EU offered $1 million in bug bounties (rewards for hackers who identify vulnerabilities and report them to the affected organization) for open source software.

Why? OpenSSL bugs like Heartbleed caught the government’s attention. In 2017, a data scientist revealed a new kind of malware capable of infecting an open A.I. system like OpenAI Gym, which is Elon Musk’s open-source toolkit for machine learning algorithms. It’s just one example of a booming market for malicious tools that exploit vulnerabilities in open source applications and software.

As the A.I. ecosystem grows to incorporate more open source code and community-built tools, it will be especially important to spot problems in advance.