Homeland Security awards open source audit grant

The Homeland Security Department is sponsoring a daily audit of major open source software to find vulnerabilities and bugs through a three-year, $1.2 million grant to Coverity Inc., Stanford University and Symantec Corp.

Stanford and San Francisco-based Coverity will build and maintain a system that automatically analyzes more than 40 open source software projects each day and publishes defects and vulnerabilities it finds on the Internet.

Funded by the Homeland Security Advanced Research Project Agency, the goal is to help the IT community identify and correct vulnerabilities in open source products from Linux, Apache, Mozilla and others.

The "Vulnerability Discovery and Remediation Open Source Hardening Project," is sponsored by DHS' Science and Technology Directorate as part of its critical infrastructure protection mission. Many open source software packages are in use by the federal government and industry.