[Owasp-board] Petition budget for OWASP Bug Bounty 2016-2017

johanna curiel curiel johanna.curiel at owasp.org
Thu Nov 10 12:22:19 UTC 2016

Dear Board,

So far the bug bounty is running since May , and I believe one of the
projects that have benefit most from this program is ZAP.

Others projects which are less popular have not received many submissions,
still valuable feedback.

So far it is clear that for bug hunters to spent time on this there must be
a financial gain, not just kudos. Zap has recently launched monetary
bounties from their own project budget (USD 1000).

My request is to have a Budget of USD 6000 for the Bounty as a support for
projects that are working proactively in their security. ZAP is sure
leading by example and with this budget, we can have the existing
participating projects   being challenged by this

For the budget , it will be break down as follows

   - ZAP==>USD 2000
   - Java Encoder==>USD1000
   - Java Sanitizer==> USD 1000
   - CRSFGuard==>USD 1000
   - Any new project that wants to participate==>USD 1000

We can discuss this during the next OWASP meeting


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20161110/89700cb9/attachment.html>

More information about the Owasp-board mailing list