Biden's executive order calls for greater open source security but not how to achieve it
Commentary: It's progress that President Biden's executive order recognizes the need to secure open source software.
Writing at that time, Recordon said, "The pandemic and ongoing cyber security attacks present new challenges for the entire Executive Office of the President." Fast forward to May 2021, and President Biden issued an executive order on improving the nation's cybersecurity, with Recordon's open source fingers all over the document.
Biden's executive order insists upon "Ensuring and attesting, to the extent practicable, to the integrity and provenance of open source software used within." What it doesn't do is identify just how this will be done.
It's one of the key challenges for open source software, and one that an executive order can influence but not fix.
It's exciting that the executive order calls out the importance of securing open source software, but perhaps not surprising.
There doesn't seem to be One True Way™ to fund open source sustainability, so applying multiple ways toward the goal of sustaining and securing open source software is critical.