European Union Free and Open Source Software Auditing - Lessons Learned
Talk Title | European Union Free and Open Source Software Auditing - Lessons Learned |
Speakers | Marek Przybyszewski (Information Systems Architect, European Commission - DIGIT), Saranjit Arora (Project Manager, European Commission - DIGIT) |
Conference | Open Source Summit + ELC Europe |
Location | Lyon, France |
Date | Oct 27-Nov 1, 2019 |
URL | Talk Page |
Slides | Talk Slides |
The EU-FOSSA project, initiated in 2016 by the European Parliament, aims to improve the security of the open source software that is used by the European institutions. EU-FOSSA is a pilot project, and that means that it intends to find out what the most efficient methods are for a large organization such as ours to work with very diverse open source communities. How do we fit these specific needs into strict procurement and budgeting procedures? How do we make open source development methods our own? All of this to improve the internal security while making recurrent external contributions. In 2019, we ran 15 bug bounty programmes, organised 3 hackathons, and reached out to a handful of other open source projects. We are ready to share the results and lessons learned from the activities of the EU-FOSSA project: bug bounties, hackathons and communication outreach. We will talk about the future perspectives, and aim to encourage other organisations that are considering running similar projects.