Technology peripheralsIt IndustryOpen Atom, Huawei, Tencent and others jointly launch open source vulnerability sharing platform and security reward planOpen Atom, Huawei, Tencent and others jointly launch open source vulnerability sharing platform and security reward plan
According to news from this site on December 16, according to the Open Atom public account, at the opening ceremony of the 2023 Open Atom Developer Conference, the open source vulnerability sharing platform and security reward program were officially released.
Feng Guanlin, Secretary General of the Open Atom Open Source Foundation, Ren Xudong, Vice Chairman of the Open Source Security Committee, Lu Levin, Chairman of the Open Source Vulnerability Information Sharing Project Working Committee, and representatives from Alibaba Cloud, Baidu, the Fifth Institute of Electronics of the Ministry of Industry and Information Technology, Huawei, JD Technology, Representatives from Ant Group, Qi Anxin, Tsinghua University, Sangfor, Tencent, Tongxin Software, Zhejiang University, Institute of Software of the Chinese Academy of Sciences and other units jointly released it.
# It is understood that the open source vulnerability sharing platform focuses on the vulnerability disposal of open source projects incubated by the foundation and the upstream projects it relies on. By involving multiple parties and comprehensively It focuses on 0day vulnerability management in the field of open source software through cycle coverage and promotes efficient disposal. It covers the full life cycle processing process of open source software vulnerability collection, verification, evaluation, reporting, repair and release, and provides all the necessary tools for vulnerability repair. Resources and environment are needed to comprehensively improve the ability to discover and repair 0day vulnerabilities in domestic open source software.
In order to encourage developers and researchers of open source projects and the upstream projects they depend on to actively participate in the identification of security vulnerabilities, the Foundation has launched a security reward program. This program allows developers and researchers to submit the security vulnerabilities they discover through an open call. If the vulnerability meets the four rating criteria of severe, high risk, medium risk, and low risk in the CVSS vulnerability scoring method, It will be deemed as a valid vulnerability and rewarded. Developers and security researchers can submit vulnerabilities through the Open Atom Open Source Foundation open source vulnerability sharing platform, or they can use the Open Atom Open Source Foundation Open Source Security Center Email PGP public key to encrypt the vulnerability information and send the vulnerability information to the Open Source Security Center Email
, you need to register on the platform and perform real-name identity authentication later.
The above is the detailed content of Open Atom, Huawei, Tencent and others jointly launch open source vulnerability sharing platform and security reward plan. For more information, please follow other related articles on the PHP Chinese website!
Top 21 Developer Newsletters to Subscribe To in 2025Apr 24, 2025 am 08:28 AMStay informed about the latest tech trends with these top developer newsletters! This curated list offers something for everyone, from AI enthusiasts to seasoned backend and frontend developers. Choose your favorites and save time searching for rel
Serverless Image Processing Pipeline with AWS ECS and LambdaApr 18, 2025 am 08:28 AMThis tutorial guides you through building a serverless image processing pipeline using AWS services. We'll create a Next.js frontend deployed on an ECS Fargate cluster, interacting with an API Gateway, Lambda functions, S3 buckets, and DynamoDB. Th
CNCF Arm64 Pilot: Impact and InsightsApr 15, 2025 am 08:27 AMThis pilot program, a collaboration between the CNCF (Cloud Native Computing Foundation), Ampere Computing, Equinix Metal, and Actuated, streamlines arm64 CI/CD for CNCF GitHub projects. The initiative addresses security concerns and performance lim
Building a Network Vulnerability Scanner with GoApr 01, 2025 am 08:27 AMThis Go-based network vulnerability scanner efficiently identifies potential security weaknesses. It leverages Go's concurrency features for speed and includes service detection and vulnerability matching. Let's explore its capabilities and ethical
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
SublimeText3 Chinese version
Chinese version, very easy to use
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
