The Core Infrastructure Initiative (CII) and our members understand that preventing the next Heartbleed not only requires supporting new and established projects but educating the open source ecosystem and the companies who support it on secure coding practices. CII is offering a full suite of programs to fortify open source security.  More detail on our programs is provided below.

Identify

The Census Program identifies open source projects that might constitute Core Infrastructure.

LEARN MORE

Audit

The Audit Program arranges for security audits of open source projects, with a focus on projects identified by the Census Program as Core Infrastructure.

LEARN MORE

Advise

The Best Practices Program outlines best practices for open source projects and offers a set of tools to measure and communicate compliance with best practices recommendations.

LEARN MORE

Assist

The Assistance Program makes grants and provides assistance to open source projects, primarily for the purpose of improving security.

LEARN MORE