Cyber Independent Testing Lab (CITL) is building a Consumer Reports-style rating system to grade the security of software. The CITL presented their methodology and some preliminary results at the 34c3 hacker conference in Leipzig, Germany, a few weeks ago. The vast amount of low-hanging fruit that attackers currently enjoy can be taken away from them, and at low cost to software vendors and enterprise security administrators. The more complex the code, the more likely it is to contain security flaws.”]