Security News > 2020 > August > Linux Foundation rolls bunch of overlapping groups into one to tackle growing number of open-source security vulns

The OpenSSF is a consolidation of several pre-existing efforts in the same space and intends bring the Open Source Security Coalition and the Core Infrastructure Initiative under one roof.
The CII is an existing Linux Foundation project that has wide support, including from AWS, Facebook, Huawei, Cisco, Intel, Qualcomm, and VMware, as well as most of the OpenSSF founder members mentioned above.
The Linux Foundation said that OpenSSF is not just CII renamed.
"The CII was funded largely by grants, OpenSSF will be supported by Linux Foundation membership dues with targeted organization contributions to support initiatives."
The Linux Foundation said another project to be absorbed is GitHub's OSSC, and "All of the OSSC members and their projects will now be a part of the OpenSSF".
News URL
https://go.theregister.com/feed/www.theregister.com/2020/08/03/linux_foundation_forms_openssf/
Related news
- OSPS Baseline: Practical security best practices for open source software projects (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- NetBird: Open-source network security (source)
- IntelMQ: Open-source tool for collecting and processing security feeds (source)
- New Ubuntu Linux security bypasses require manual mitigations (source)
- YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)