The Cyber Security Division at the Department of Homeland Security plans to award funding for a project designed to improve the performance of static code analysis tools. The project is called STAMP, or Static Tool Analysis Modernization Project, and is designed to bring neglected open-source static analysis tools up to date. “The other effort is to create a bug-bounty approach, a vulnerability incentive research platform, where we leverage the power of crowd sourcing to find vulnerabilities and create fixes. The goal is to eventually have something like the Underwriters Lab, but for software.”
Source: https://www.csoonline.com/article/3049999/feds-tackle-open-source-code-quality.html