Google has announced a new security effort called “Project Zero,” and it is hiring. Project Zero will look for zero-day vulnerabilities in all Internet-related software, not just Google applications. The goal is to prevent malicious individuals?or governments?from exploiting bugs like the Heartbleed bug in OpenSSL that was discovered earlier this year.
Google promises transparency in its efforts, and it plans to follow standard white-hat practices of first reporting security bugs to software owners. Those interested in becoming part of Project Zero can find more information on the Google online security blog.