Amazon Web Services (AWS) has launched an ambitious initiative to fix one million vulnerabilities and, as a result, reduce technical debt by over $100 million.
The cloud giant’s principal evangelist, Martin Beeby, said its new AWS BugBust would take the idea of a bug bash to a new level.
“AWS BugBust allows you to create and manage private events that will transform and gamify the process of finding and fixing bugs in your software. It includes automated code analysis, built-in leaderboards, custom challenges, and rewards,” he explained.
“AWS BugBust fosters team building and introduces some friendly competition into improving code quality and application performance. What’s more, your developers can take part in the world’s largest code challenge, win fantastic prizes, and receive kudos from their peers.”
The program will see participants use Amazon’s CodeGuru Reviewer and CodeGuru Profiler tools, which utilize automated reasoning and machine learning to find vulnerabilities in applications.
“A traditional bug bash requires developers to find and fix bugs manually,” continued Beeby. “With AWS BugBust, developers get a list of bugs before the event begins so they can spend the entire event focused on fixing them.”
Each time developers fix a vulnerability at a private event, they receive an allocation of points and be added to a global leader board — although only profile names and points will be visible here, not details of the vulnerabilities themselves.
Use of CodeGuru Reviewer and CodeGuru Profiler will be free for 30 days per AWS account. Developers will also be incentivized by various prizes handed out when they reach specific milestones.
Continue Reading At:
https://www.infosecurity-magazine.com/news/aws-bugbust-fix-one-million/