Core Infrastructure Initiative logo

Core Infrastructure Initiative
Fortifying our future.

The stakes have never been higher for open-source software security. With millions of people around the world relying on open source software — and vulnerabilities like Heartbleed putting everyone at risk — it's time to change the way we support, protect, and fortify open software.

Millions of dollars of shared vigilance.

With our Core Infrastructure Initiative, we're taking a collaborative, pre-emptive approach for strengthening cyber security. Many industry giants signed on to harden the security of key open source projects.

  • Amazon
  • Bloomberg
  • Cisco
  • Dell
  • Facebook
  • Fujitsu
  • Google
  • Hitachi
  • HP
  • Huawei
  • IBM
  • Intel
  • Microsoft
  • NEC
  • NetApp
  • Qualcomm
  • Rackspace
  • Salesforce
  • VMWare

Today, a world-class team of security experts helps the Core Infrastructure Initiative identify and fund open source projects that we all rely upon, whether it's conducting an audit to pinpoint potential weaknesses or collaborating on code to harden security practices.

Meet our security experts.

  • Adam Shostack

    Adam Shostack

    Technologist, Entrepreneur, Author, and Game Designer
  • Alan Cox

    Alan Cox

    Longtime Linux Kernel Developer
  • Ben Laurie

    Ben Laurie

    Senior Member of Security Team at Google
  • Bruce Schneier

    Bruce Schneier

    Security Technologist and Author
  • Dan Kaminsky

    Dan Kaminsky

    Security Researcher
  • Dan Meredith

    Dan Meredith

    Director of Open Technology Fund, Radio Free Asia
  • Eduard Karel de Jong

    Eduard Karel de Jong

    Security and Privacy Expert
  • Eric Sears

    Eric Sears

    Program Officer for Human Rights and International Justice
  • Greg Kroah-Hartman

    Greg Kroah-Hartman

    Fellow, Linux Foundation
  • Matt Green

    Matt Green

    Assistant Research Professor at Johns Hopkins University
  • Michael Howard

    Michael Howard

    Senior Principal Cybersecurity Architect at Microsoft
  • Robert Seacord

    Robert Seacord

    Secure Coding Technical Manager, CERT Division of Carnegie Mellon University’s Software Engineering Institute (SEI)
  • Ted Ts'o

    Ted Ts'o

    Staff Engineer at Google
  • Tom Ritter

    Tom Ritter

    Practice Director at NCC Group's Cryptography Services

Join us.

With your help, we can speed the pace of open-source innovation while dramatically reducing global threats to online security. In just one year, we've already seen a decrease in the number of bugs in funded projects and built a coalition of committed industry partners. Join us today, and protect the future of computing for generations to come.

What type of help does the Core Infrastructure Initiative provide?

Support from the Initiative can include:

  • funding for fellowships, so key developers can work full time on open source projects
  • security audits
  • computing and test infrastructure
  • travel
  • face-to-face meetings
  • additional security support

How has CII already helped?

OpenSSL Developers

In 2014, CII funded and organized the very first face-to-face meeting of the OpenSSL developers. The core developers collaborated, solved problems, and made progress on the many new contributions coming into the project. The number of bugs are going down, while the number of commits are going up.