
The Linux Foundation’s Census of OSS app libraries helps prioritize security work
2022-03-03 04:30

The Linux Foundation announced the final release of "Census II of Free and Open Source Software - Application Libraries," which identifies more than one thousand of the most widely deployed open source application libraries.

This study informs which open source packages, components and projects warrant proactive operations and security support.

The study gives a more complete picture of free and open source software adoption by analyzing usage data provided by partner Software Composition Analysis (SCA) companies Snyk, the Synopsys Cybersecurity Research Center, and FOSSA. The data is based on their scans of codebases at thousands of companies.

"Understanding what FOSS packages are the most critical to society allows us to proactively support projects that warrant operations and security support," said Brian Behlendorf, general manager at OpenSSF. "Open source software is the foundation upon which our day-to-day lives run, from our banking institutions to our schools and workplaces."

Census II includes eight rankings of the 500 most used FOSS packages among those reported in the private usage data contributed by SCA partners.

"Our goal is to not only identify the most widely used FOSS but also provide an example of how the distributed nature of FOSS requires a multi-party effort to fully understand the value and security of the FOSS ecosystem. Only through data-sharing, coordination, and investment will the value of this critical component of the digital economy be preserved for generations to come," said Frank Nagle, Assistant Professor, Harvard Business School.


News URL

https://www.helpnetsecurity.com/2022/03/03/open-source-application-libraries/

Related vendor

VENDOR | LAST 12M | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS
Linux  |          | 11         | 64  | 2312   | 1489 | 67       | 3932