http://www.zdnet.com/article/mozilla-will-foot-the-bill-for-your-open-source-software-security-audit/#ftag=RSSbaffb68