Serviceteam IT Security News

AWS BugBust Aims to Fix One Million Vulnerabilities Globally

Amazon Web Services (AWS) has launched an ambitious initiative to fix one million vulnerabilities and, as a result, reduce technical debt by over $100 million.

The cloud giant’s principal evangelist, Martin Beeby, said its new AWS BugBust would take the idea of a bug bash to a new level.

“AWS BugBust allows you to create and manage private events that will transform and gamify the process of finding and fixing bugs in your software. It includes automated code analysis, built-in leaderboards, custom challenges, and rewards,” he explained.

“AWS BugBust fosters team building and introduces some friendly competition into improving code quality and application performance. What’s more, your developers can take part in the world’s largest code challenge, win fantastic prizes, and receive kudos from their peers.”

The program will see participants use Amazon’s CodeGuru Reviewer and CodeGuru Profiler tools, which utilize automated reasoning and machine learning to find vulnerabilities in applications.

“A traditional bug bash requires developers to find and fix bugs manually,” continued Beeby. “With AWS BugBust, developers get a list of bugs before the event begins so they can spend the entire event focused on fixing them.”

Each time developers fix a vulnerability at a private event, they will receive an allocation of points and be added to a global leaderboard, although only profile names and points will be visible here, not details of the vulnerabilities themselves.

Use of CodeGuru Reviewer and CodeGuru Profiler will be free for 30 days per AWS account. Developers will also be incentivized by various prizes handed out when they reach specific milestones.

An AWS BugBust varsity jacket is on offer for those reaching 2000 points, while the top 10 finalists on the leaderboard will get a free ticket to AWS re:Invent.

There were no more details on how AWS arrived at the $100 million figure, although technical debt is an ongoing challenge for the developer industry.

It stems from a focus on time-to-market at the expense of better-written and more secure code at the outset. The result is that, while a project might be delivered quickly, it could be of poor quality and may need to be refactored in time. However, Amazon will have to pay back the debt eventually.

A 2018 report claimed that fixing technical debt could be worth as much as $3 trillion globally over a decade.

Source: Infosecurity Magazine
