tl;dr Have a security research idea? We’re sponsoring 2 projects a month. Your research will be featured on our blog, you get $1500 and you can still submit your research to conferences.
We fundamentally believe that developing open-source software and publishing responsibly-disclosed security research improves everyone’s security. To encourage security practitioners to spend time on side projects that benefit the security community, we’re opening up a Call For Papers (CFP).
The entire aim of this program is to fund super cool security research projects (ideally in the application security realm) that help make everyone more secure.
How it works
Anyone* can submit a response to our CFP on a rolling, on-going basis. Truffle Security will prioritize (but not limit) research about the following topics:
Leaked Secrets
Application Security
Identity and Access Management
New open-source security tooling
The proposed research should take about a month (part-time) to complete and must culminate in a blog post, written in English, of at least 1,000 words documenting the research. Please see Truffle Security’s existing blogs to get a sense for the tone and writing style used.
The Truffle Security Research team will review submissions as they come in and will notify researchers within 10 business days of submission as to the status of their acceptance.
You can submit your proposal here. We ask you to share your name, a brief summary of your proposed research project and a bit about your background in security.
What Researchers Get
A $1500 Honorarium for the time and effort to conduct the research.
A featured blog post on the Truffle Security website.
The freedom to submit the research to conferences (we won’t forbid you from sharing your research with the world).
Access to Truffle Security’s internal security research team for support.
What Truffle Security Gets
A unique blog post written about the research in English.
A 14-day exclusivity window (after that, the research can be shared on another channel)
