FileZilla® joins EU-funded bug bounty program

Program will pay researchers to find security flaws in open source software

Köln, Germany —29 January 2019— FileZilla®, the popular cross-platform file access and transfer software application, has joined the EU-funded bug bounty program to make open source software more secure.

The European Commission, which proposes and enforces laws for the European Union, has made treating critical open source software as a public good a top priority. Realising the importance of the security and reliability of all digital infrastructures was the driving factor behind the Commission’s decision to identify open source programs that are critical to the European Commission, and to fund initiatives to make them more secure.

FileZilla is proud to announce it has been elected to participate in the program, called the EU-Free and Open Source Software Auditing project (EU-FOSSA 2). The bug bounty program will pay software developers prizes to identify security bugs in open source items that are in use by the EU, both security-related and those with a large user base.

Previous EU-FOSSA deliverables enlisted all open source programs that are potentially critical due to their presence and use at the European Institutions, and FileZilla made it to the EU’s OSS shortlist ranking.

“Finding bugs, which even the best developers sometimes inadvertently introduce, is a task that benefits a lot from having more developers look at the code,” said Tim Kosse, FileZilla founder and team leader. “As software developer and author Eric S. Raymond famously said, ‘Given enough eyeballs, all bugs are shallow.”

Kosse continued: “The challenge, however, lies in attracting these eyeballs. As such, backing bounty programs to make sure popular open source applications like FileZilla are safe to use is a great thing”.

Researchers who find bugs in OSS programs will receive prizes from the European Commission ranging from 25,000 to 90,000 euros. FileZilla hackable targets can be found at the following page: https://hackerone.com/filezilla_h1c/

“As maintaining and enhancing a program like FileZilla requires a lot of time and dedication, we created a pro version to match professionals’ needs and to fund the project, so everyone buying FileZilla Pro helps us to keep working on FileZilla” said Roberto Galoppini, Director of Strategy at FileZilla. “Depending on the outcomes of this initiative, we might decide to fund bug bounties ourselves, as our users’ and customers’ security is paramount to us.”

About FileZilla Pro

FileZilla Pro allows system administrators, Web developers, designers, and other professional users to transfer files across all types of remote servers and computing environments. For more information about FileZilla Pro services, visit https://filezillapro.com.

© FileZilla. All rights reserved. FileZilla and the FileZilla logo are registered trademarks in the USA and the European Union. All other brands and trademarks are the property of their respective owners.

# # #

CONTACT:
Roberto Galoppini
+1 315-510-5172
social@filezilla-project.org

By continuing to use the site, you agree to the use of cookies. more information

We use cookies to personalize content and analyze our traffic. We also provide information on how you use our site to our web analytics, advertising and social media analytics partners, who may combine it with other information you have provided or collected based on your use of their services.
If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.
Please refer to our Privacy Policy page for further details.

Close