PHP, Perl and Python pass Homeland Security test

Coverity, which creates automated source-code analysis tools, announced late Monday its first list of open-source projects that have been certified as free of security defects.

Eleven projects made the list: Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL.

San Francisco-based Coverity, working in collaboration with Stanford University and under a contract from the Department of Homeland Security, is analysing source code to certify that open-source projects written in C, C++, and Java are secure. Coverity has not disclosed the amount of the DHS contract.

The certification was created so that companies can "select these open-source applications with even greater confidence," Coverity said.

The company uses a ladder metaphor in its certification process.