The Linux Foundation Core Infrastructure Initiative (CII) recently announced the general availability of its best-practices badge project, which is meant to help projects follow practices that will improve their security. This article focuses on what the badge criteria currently are, including how they were developed and some specific examples, and talks about the project as a whole.