{"id":16873,"date":"2023-02-02T19:32:21","date_gmt":"2023-02-02T18:32:21","guid":{"rendered":"https:\/\/www.show.it\/google-shells-out-600000-for-oss-fuzz-project-integrations\/"},"modified":"2023-02-02T19:32:21","modified_gmt":"2023-02-02T18:32:21","slug":"google-shells-out-600000-for-oss-fuzz-project-integrations","status":"publish","type":"post","link":"https:\/\/www.show.it\/en\/google-shells-out-600000-for-oss-fuzz-project-integrations\/","title":{"rendered":"Google Shells Out $600,000 for OSS-Fuzz Project Integrations"},"content":{"rendered":"<p><strong>Google this week announced an extension to its OSS-Fuzz rewards program, an initiative meant to reward contributors for integrating projects into OSS-Fuzz.<\/strong><\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/google-launches-oss-fuzz-open-source-fuzzing-service\/\">Launched in 2016<\/a>, OSS-Fuzz is meant to help identify vulnerabilities in open source software through continuous fuzzing, with a declared goal of making common software infrastructure more secure.<\/p>\n<p>Six months after the launch, Google announced that it was offering rewards between $1,000 and $20,000 <a href=\"https:\/\/www.securityweek.com\/google-offers-20000-join-oss-fuzz-program\/\">for integrating projects into OSS-Fuzz<\/a>, and now says that it <a href=\"https:\/\/security.googleblog.com\/2023\/02\/taking-next-step-oss-fuzz-in-2023.html\">has paid over $600,000<\/a> to more than 65 different contributors as part of the program.<\/p>\n<p>The internet search marketing giant has now increased the highest reward available for new project integration to $30,000, which can be awarded depending on \u2018the criticality of the project\u2019.<\/p>\n<p>Launched last year and already integrated into OSS-Fuzz, the tool performs analysis of functions, static call graphs, and runtime coverage information to provide insights into fuzzing coverage blockers.<\/p>\n<p>\u201cThe Fuzz Introspector tool provides these insights by identifying complex code blocks that are blocked during fuzzing at runtime, as well as suggesting new fuzz targets that can be added,\u201d Google says.<\/p>\n<p>By increasing payouts and expanding the OSS-Fuzz rewards program, Google seeks to strengthen OSS-Fuzz to find more vulnerabilities before they are exploited.<\/p>\n<p><strong>Related:<\/strong> <a href=\"https:\/\/www.securityweek.com\/google-announces-vulnerability-scanner-open-source-developers\/\">Google Announces Vulnerability Scanner for Open Source Developers<\/a><\/p>\n<p><strong>Related:<\/strong> <a href=\"https:\/\/www.securityweek.com\/googles-guac-open-source-tool-centralizes-software-security-metadata\/\">Google\u2019s GUAC Open Source Tool Centralizes Software Security Metadata<\/a><\/p>\n<p><strong>Related:<\/strong><a href=\"https:\/\/www.securityweek.com\/google-wants-more-projects-integrated-oss-fuzz\/\"> Google Wants More Projects Integrated With OSS-Fuzz<\/a><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/google-shells-out-600000-for-oss-fuzz-project-integrations\/\">Google Shells Out $600,000 for OSS-Fuzz Project Integrations<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/\">SecurityWeek<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google this week announced an extension to its OSS-Fuzz rewards program, an initiative meant to reward contributors for integrating projects into OSS-Fuzz. Launched in 2016, OSS-Fuzz is meant to help identify vulnerabilities in open source software through continuous fuzzing, with a declared goal of making common software infrastructure more secure. Six months after the launch, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16874,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[178,179,23],"tags":[],"class_list":["post-16873","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-google","category-oss-fuzz","category-vulnerabilities"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/comments?post=16873"}],"version-history":[{"count":0,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16873\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media\/16874"}],"wp:attachment":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media?parent=16873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/categories?post=16873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/tags?post=16873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}