NCC Group is set to build a more secure future for open source software as a member of the GitHub Security Lab, which will contribute resources, tooling, bounties and research to secure the global open source ecosystem.
Along with other global leaders in the industry, including Google, Microsoft and Uber, we will be working with GitHub to share knowledge and boost access to security expertise amongst the open source community. As part of the initiative, we will be committing up to 10% of our global research capacity to understanding and resolving common issues in the open source community.
This ties into NCC Group’s longstanding commitment to boosting open source security. In 2017, we pioneered the concept of the Fix Bounty schemes, rewarding individuals for finding and fixing vulnerabilities in open source software.
Commenting on the initiative, Ollie Whitehouse, global CTO at NCC Group, said: “As a business with a commitment to making the world safer and more secure, we’re extremely proud to be a part of this initiative.
“With the support of the industry and leading researchers, we have no doubt that the GitHub Security Lab will not only empower the open source community when it comes to vulnerability discovery and remediation, but will promote the automation of security and secure design practices around the world.”