CODENOMICON LAUNCHES PROGRAM TO BENEFIT OPEN SOURCE SECURITY
San Jose, CA and Oulu, Finland - March 26, 2007 - Codenomicon Ltd., a leading provider of state-of-the-art software security testing solutions, today announced its CROSS (Codenomicon Robust Open Source Software) benefit program for helping open source projects fix critical flaws in their code.
During the past 15 years, the use of open source software has exploded on a totally unprecedented scale throughout the entire world. Enterprises, governments, even financial institutions increasingly rely on popular open source projects to supply them with mission-critical server software and applications. Using open source in these critical environments places great demands on its security, dependability and overall quality.
Although in open source all code is available for inspection, bugs and vulnerabilities still plague it just like any other software. Large codebases are too complex to audit manually, automatic source code scanners do not provide perfect results, and many open source projects still have too few resources for dedicated testing. Codenomicon's CROSS program provides open source projects with full access to its award-winning DEFENSICS testing solutions, helping the projects find and fix a large number of critical flaws very rapidly. This differs radically from the traditional model of users and security researchers reporting bugs one by one, while the open source developers continually scramble to fix the flaws on short notice and with limited resources.
"Open source projects can use all the help they can get," says Erka Koivunen, director of the Finnish National Computer Emergency Response Team (CERT-FI). "Moving away from the traditional penetrate-and-patch paradigm towards a more proactive approach to fixing security vulnerabilities yields great benefits to open source projects. Systematic testing for security vulnerabilities has proven to be a great tool in this process. It reduces the likelihood of new bugs being reported daily, and in the long run will ultimately make open source software much more dependable."
In the first phase of the CROSS initiative, Codenomicon has targeted 15-20 hand-picked open source projects. Codenomicon is committed to making CROSS a longer-term sustainable program, continuing to help many more open source projects over time, and embracing the chance to give something back to the booming open source community and its users.









