Security News > 2022 > January > White House reminds tech giants open source is a national security issue
Discussions on this topic took place during the Open Source Software Security Summit convened by the Biden administration on Thursday.
Participants focused on three topics: preventing security defects and vulnerabilities in open source software, improving the process for finding security flaws and fixing them, and shrinking the time needed to deliver and deploy fixes.
"Most major software packages include open source software - including software used by the national security community," a readout of the meeting on software security reads.
"Open source software brings unique value, and has unique security challenges, because of its breadth of use and the number of volunteers responsible for its ongoing security maintenance."
For too long, the software community has taken comfort in the assumption that open source software is generally secure due to its transparency and the assumption that 'many eyes' were watching to detect and resolve problems.
Growing reliance on open source means that it's time for industry and government to come together to establish baseline standards for security, maintenance, provenance, and testing - to ensure national infrastructure and other important systems can rely on open source projects.
News URL
Related news
- Chinese 'connected' cars are a national security threat, says Biden (source)
- White House Recommends Memory-Safe Programming Languages and Security-by-Design (source)
- BSAM: Open-source methodology for Bluetooth security assessment (source)
- MobSF: Open-source security research platform for mobile apps (source)
- Lynis: Open-source security auditing tool (source)
- Tech industry’s focus on innovation leaves security behind (source)
- Drozer: Open-source Android security assessment framework (source)
- Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity (source)