|
|
To print: Select File and then Print from your browser's menu
-------------------------------------------------------------- This story was printed from ZDNet Australia. --------------------------------------------------------------
|
PHP, Perl and Python pass Homeland Security test By Robert Vamosi, CNET News.com January 09, 2008 URL: http://www.zdnet.com.au/news/security/soa/PHP-Perl-and-Python-pass-Homeland-Security-test/0,130061744,339284949,00.htm
Coverity, which creates automated source-code analysis tools, announced late Monday its first list of open-source projects that have been certified as free of security defects. Eleven projects made the list: Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL. San Francisco-based Coverity, working in collaboration with Stanford University and under a contract from the Department of Homeland Security, is analysing source code to certify that open-source projects written in C, C++, and Java are secure. Coverity has not disclosed the amount of the DHS contract. The certification was created so that companies can "select these open-source applications with even greater confidence," Coverity said. The company uses a ladder metaphor in its certification process. Rung 2, which was announced late Monday and is the most secure level to date, includes the 11 projects. Rung 1 now includes 86 projects. Rung 0, the lowest level, currently lists 173 projects. In all cases, open-source vendors must fix all vulnerabilities discovered by Coverity's tools in order to move up the rungs of the security ladder.
Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved. |
