[FYI] Secure Open Source Program Announced to Fund OSS Security Improvements
Hi Project Leads & Maintainers,
Wanted to share a program that was announced Friday and may be of interest to you:
The program provides financial incentives for making security improvements on critical open source projects. More than a "bug bounty," this effort is meant to reward meaningful security improvements that move the needle against security metrics and improve a project's best practices as outlined in tools such as the SLSA framework and Scorecards.
If you have any questions, please let me know; we'd be happy to connect you with program leaders for more information as well.