Our bug bounty team has had an exciting year, including celebrating the eighth year of our program, hosting a live hacking event in June, spotlighting one of our hackers for cybersecurity awareness month, and spending more time with our community at events such as DEFCON 30. Along the way, we have captured feedback from participants in our program, and we are very excited to announce that we are introducing our very own swag store!
The addition of the swag store comes from many conversations and feedback on how we can continue to improve our bug bounty program. We learned that not only do our researchers genuinely enjoy receiving swag, but they also like to show off their involvement with our bounty program.
The new GitHub Bug Bounty swag store will allow researchers to earn exclusive bug bounty-branded swag as a bonus perk on top of their earned bounty reward. Through their reports, researchers can earn points that can be redeemed for t-shirts, sweatshirts, stickers, and other cool items. For information about our new store, please visit our bounty store FAQ.
Our partnership with talented security researchers from across the community is pivotal in running a successful bug bounty program, so we thank all who continue to support and participate in our program. Your submissions are greatly valued and help ensure the safety and security of our products, our users, and the community, and we are excited to introduce even more incentives. For more details regarding the program’s scope, rules, and rewards, please visit our website. Happy hacking!