The Core Infrastructure Initiative will give the badge to open source projects that meet a set of standard criteria. This includes an established bug reporting process, an automated test suite, vulnerability response processes and patching processes. A self-assessment will determine whether the project owners merit the badge. The CII only came into existence through the Linux Foundation following Heartbleed, the flaw in OpenSSL that threatened countless organizations around the world. The group is also considering the introduction of a fellowship program focused on modeling security threats.”]