New Open Source Security Foundation wants to improve open source software security
2020-08-03 15:16

The Linux Foundation announced the formation of the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community with targeted initiatives and best practices.

It combines efforts from the Core Infrastructure Initiative, GitHub's Open Source Security Coalition and other open source security work from founding governing board members GitHub, Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation and Red Hat, among others.

The Linux Foundation's Core Infrastructure Initiative, founded in response to the 2014 Heartbleed bug, and the Open Source Security Coalition, founded by the GitHub Security Lab, are just a couple of the projects that will be brought together under the new OpenSSF. The Foundation's governance, technical community and decisions will be transparent, and any specifications and projects developed will be vendor agnostic.

"We believe open source is a public good and across every industry we have a responsibility to come together to improve and support the security of open source software we all depend on," said Jim Zemlin, executive director at The Linux Foundation.

OpenSSF intends to host a variety of open source technical initiatives to support security for the world's most critical open source software, all of which will be done in the open on GitHub.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ockPFBTEgZc/