DHS funds effort to monitor vulnerabilities of open source code

Published 14 January 2006

Open source-based applications grow in popularity, and DHS decides to monitor more closely the security issues involved

DHS is sponsoring a daily audit of major open source software to look for vulnerabilities and bugs through a three-year, $1.2 million grant to San Francisco-based Coverity, Stanford University, and Symantec. Stanford and Coverity will build and maintain a system that automatically analyzes more than forty open source software projects each day and publishes on the Internet the defects and vulnerabilities it finds. The effort is funded by the Homeland Security Advanced Research Project Agency (HSARPA), and its goal is to help the IT community identify and correct vulnerabilities in open source products from Linux, Apache, Mozilla, and others.

The “Vulnerability Discovery and Remediation Open Source Hardening Project” is sponsored by DHS’ Science and Technology Directorate as part of its critical infrastructure protection mission. Many open source software packages are in use by the federal government and industry.
