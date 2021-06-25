Infosecurity Group Websites
Latest
News

AWS BugBust Aims to Fix One Million Vulnerabilities Globally

Amazon Web Services (AWS) has launched an ambitious initiative to fix one million vulnerabilities and, as a result, reduce technical debt by over $100 million.

The cloud giant’s principal evangelist, Martin Beeby, said its new AWS BugBust would take the idea of a bug bash to a new level.

“AWS BugBust allows you to create and manage private events that will transform and gamify the process of finding and fixing bugs in your software. It includes automated code analysis, built-in leaderboards, custom challenges, and rewards,” he explained.

“AWS BugBust fosters team building and introduces some friendly competition into improving code quality and application performance. What’s more, your developers can take part in the world’s largest code challenge, win fantastic prizes, and receive kudos from their peers.”

The program will see participants use Amazon’s CodeGuru Reviewer and CodeGuru Profiler tools, which utilize automated reasoning and machine learning to find vulnerabilities in applications.

“A traditional bug bash requires developers to find and fix bugs manually,” continued Beeby. “With AWS BugBust, developers get a list of bugs before the event begins so they can spend the entire event focused on fixing them.”

Each time developers fix a vulnerability at a private event, they receive an allocation of points and be added to a global leader board — although only profile names and points will be visible here, not details of the vulnerabilities themselves.

Use of CodeGuru Reviewer and CodeGuru Profiler will be free for 30 days per AWS account. Developers will also be incentivized by various prizes handed out when they reach specific milestones.

An AWS BugBust varsity jacket is on offer for those reaching 2000 points, while the top 10 finalists on the leaderboard will get a free ticket to AWS re:Invent.

There were no more details on how AWS arrived at the $100 million figure, although technical debt is an ongoing challenge for the developer industry.

It stems from a focus on time-to-market at the expense of better written and more secure code at the outset. The result is that, while a project might be delivered quickly, it could be of poor quality and may need to be refactored in time. However, Amazon will have to pay back the debt eventually. 

A 2018 report claimed that fixing technical debt could be worth as much as $3 trillion globally over a decade.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

NIST Publishes Ransomware Guidance

2
Blog

The Story of the EC-Council Gender Survey Scandal: Survey Creator Says "It Was Written by Women so it Can't be Sexist"

3
News

Anti-virus Pioneer John McAfee Found Dead in Spanish Prison Cell

4
News

Cyber-Attacks Are Primary Funding Source for North Korea

5
News

Ransomware Attacks Decline as Gangs Focus on Lucrative Targets

6
News

Ransom Leak Sites Reveal 422% Annual Increase in Victims

1
News

FIN7 Pen Tester to Serve Seven Years

2
News

World’s Largest E-tailers to be Investigated Over Fake Reviews

3
Magazine Feature

Top 5 Zero Trust Policies

4
Opinion

Malware-as-a-Service is a Booming Business

5
News

AWS BugBust Aims to Fix One Million Vulnerabilities Globally

6
News

Newly Discovered Dell Bugs Impact 30 Million PCs

1
Webinar

Defining the Zero Trust and SASE Relationship

2
Webinar

The Challenge of Remote File Transfer Security: Is Centralization the Answer?

3
Webinar

Secure Access Management: Modernize your IT Infrastructure by Maximising Productivity and Minimizing Friction

4
Webinar

How To Navigate the Critical Intersection Between Data Security and Data Privacy

5
Webinar

Securing Your Transition to the Cloud

6
Webinar

Zero Trust in 2021: How to Seamlessly Protect Your Remote and In-Office Users

1
Webinar

How to Win Cybersecurity Budget and Buy-in from the C-Suite to Mitigate Increased Level of Threat

2
Podcast

IntoSecurity Podcast Episode 26, brought to you by TuxCare

3
Webinar

Defining the Zero Trust and SASE Relationship

4
Webinar

How To Navigate the Critical Intersection Between Data Security and Data Privacy

5
News

McDonald’s Suffers Data Breach

6
Digital Edition

Infosecurity Magazine, Digital Edition, Q2, 2021, Volume 18, Issue 2