**Announcing the New Jenkins Bug Bounty Program**

We are thrilled to announce the launch of the new Jenkins Bug Bounty Program! This exciting initiative has been made possible through a partnership between the European Commission (EC OSPO) and YesWeHack, a leading bug bounty platform provider.

The Jenkins project was carefully selected as a valuable asset for public administration across the European Union. The program's primary goal is to engage security researchers in identifying and responsibly disclosing vulnerabilities within Jenkins. This collaborative effort aims to ensure that Jenkins remains a secure and reliable automation server for organizations worldwide.

**A Comprehensive Security Approach**

Bug bounty programs are an essential component of our existing security practices. By leveraging the expertise of the global security research community, we can identify potential weaknesses in Jenkins more effectively than ever before. The added layer of scrutiny and financial incentives will undoubtedly enhance the overall security posture of the project.

**Initial Scope and Rewards**

The initial scope of this program includes:

* Jenkins Core * Main components * Four key plugins related to security

For security researchers, the rewards are substantial: up to €5,000 for valid critical findings! The platform for submitting reports is hosted on YesWeHack's user-friendly interface. Once submitted, the reports will undergo an initial triage by the YesWeHack team before being reviewed and validated by our Jenkins Security Team.

**A Seamless Integration**

This bug bounty program seamlessly integrates with our existing security workflow, ensuring that all vulnerabilities are addressed promptly and efficiently. The European Commission's support for this initiative has been invaluable, and we would like to extend our sincerest gratitude to YesWeHack for their commitment to making this program a success.

**Join the Jenkins Community**

Whether you're an experienced researcher or just starting out in bug bounty hunting, your contributions are essential to the Jenkins community. We invite security researchers from around the world to participate in this exciting opportunity and help us strengthen Jenkins' security posture.

By participating in this program, not only will you be rewarded financially for identifying vulnerabilities but also have a chance to contribute to the improvement of an open-source project used by millions worldwide.

**Get Involved Today**

To learn more about the Jenkins Bug Bounty Program, visit our platform on YesWeHack and explore the submission guidelines. We look forward to collaborating with security researchers from around the globe to make Jenkins an even more secure automation server for organizations worldwide.

---

### Meta Information

* **Title:** Announcing the New Jenkins Bug Bounty Program * **Author:** [Your Name] * **Date:** [Today's Date]

### Tags:

* Jenkins Bug Bounty Program * European Commission (EC OSPO) * YesWeHack * Security Research Community * Open-Source Projects * Automation Server