The Core Infrastructure Initiative (CII) and its members have come together to invest in core infrastructure, providing funding for fundamental projects like OpenSSL, OpenSSH, NTPd and others. These impact of these grants was felt immediately, with projects being able to add team members, improve coding best practices, set up predictable release schedules and roadmaps and perform audits to help future proof code. Under the guidance of the Advisory Board, CII is actively researching and identifying new projects that need support and working with established projects to ensure best practices are being followed to help create a culture of secure coding practices. he following is a list of projects that have received grants from CII since its inception.

For more information, please Contact Us. To submit a grant proposal, apply online using the CII Grants Management Solution.

Previously Funded

OWASP Zed Attack Proxy

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help developers and functional testers automatically find security vulnerabilities in web applications while there are being developed and tested. It is also a great tool for experienced pentesters to use for manual security testing.

With support from the Core Infrastructure Initiative, one full-time ZAP core developer has been sponsored who is focusing on ZAP as a Service – an ambitious plan to allow ZAP to also be used as a long running, highly scalable, distributed service accessed by multiple users with different roles.