[Owasp-leaders] OWASP Bug Bounty Program

Jim Manico jim.manico at owasp.org
Fri Jan 22 23:12:58 UTC 2016

(Forwarded from the Community list)

OWASP Community,

There has been a lot of discussion lately about the possibility of 
starting a Bug Bounty program here at OWASP. It could cover OWASP 
Foundation assets (the website, servers, etc) as well as interested 
OWASP Projects. The scope, payout, and even the types of vulnerabilities 
that we honor is yet to be determined. Please consider this an open call 
that, as our ED, the OWASP Board, and our Projects Team contemplate what 
a Bug Bounty program would mean to OWASP, we are willing to entertain 
any and all offers from anyone interested in helping with such a 
program. Please reach out to us over the next week or so if you are 
interested. Thanks!


Josh Sokol
Vice Chair, OWASP Foundation Board of Directors

More information about the OWASP-Leaders mailing list