Security News > 2022 > January > White House reminds tech giants open source is a national security issue
Discussions on this topic took place during the Open Source Software Security Summit convened by the Biden administration on Thursday.
Participants focused on three topics: preventing security defects and vulnerabilities in open source software, improving the process for finding security flaws and fixing them, and shrinking the time needed to deliver and deploy fixes.
"Most major software packages include open source software - including software used by the national security community," a readout of the meeting on software security reads.
"Open source software brings unique value, and has unique security challenges, because of its breadth of use and the number of volunteers responsible for its ongoing security maintenance."
For too long, the software community has taken comfort in the assumption that open source software is generally secure due to its transparency and the assumption that 'many eyes' were watching to detect and resolve problems.
Growing reliance on open source means that it's time for industry and government to come together to establish baseline standards for security, maintenance, provenance, and testing - to ensure national infrastructure and other important systems can rely on open source projects.
News URL
Related news
- Ex-NSA grandee says Trump's staff cuts will 'devastate' America's national security (source)
- How to safely dispose of old tech without leaving a security risk (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- NetBird: Open-source network security (source)
- FCC stands up Council on National Security to fight China in ways that CISA used to (source)
- IntelMQ: Open-source tool for collecting and processing security feeds (source)
- Forget Signal. National Security Adviser Waltz now accused of using Gmail for work (source)
- YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection (source)