Feds tackle open source code quality

Even as the White House is calling on federal agencies to make more use of open source projects, there’s also a federal effort under way to reduce the number of vulnerabilities in those products via better code review tools and bug bounties.

By the end of September, the Cyber Security Division at the Department of Homeland Security plans to award funding for a project designed to improve the performance of static code analysis tools.

“We’re in the process of approving proposals now from academia and small businesses,” said Kevin Greene, the division’s software assurance program manager.

[ ALSO ON CSO: Romancing development: How to avoid feeling vulnerable with open source ]

To read this article in full or to leave a comment, please click here