We are happy to announce the X-Road® bug bounty program! We've done our best to clean most of our known issues and now would like to request your help to spot the ones we missed! The following components of X-Road are in-scope for this bug bounty program:
X-Road Central Server
X-Road Security Server and its addons
X-Road Configuration Proxy
As an example:
We are very interested in maintaining a high level of trust and security in the communication that takes place between two Security Servers. If you find any way of breaking that trust by using a man in the middle attack or any other means, please let us know!