Security News > 2023 > April > Google Cloud offers Assured Open Source Software for free

Google Cloud offers Assured Open Source Software for free
2023-04-12 22:34

Open source software and software supply chain security risks continue to be a primary concern for developers and organizations.

According to a 2022 study by electronic design and automation company Synopsys, 84% of open source software codebases contained at least one known vulnerability - a nearly 4% increase from last year - and 48% contained a high-risk vulnerability.

In response to the threats hidden in open source software, Google Cloud is making its Assured Open Source Software service for Java and Python ecosystems available to all at no cost.

"Software supply chain attacks targeting open source continue to increase. Secure ingest of open source packages is a widespread challenge for organizations and developers wherever they choose to build code," he said.

Figure A. Mike McGuire, senior software solutions manager at Synopsys, explained that Google has a direct interest in the open source community being as secure as possible.

Google said the Assured OSS program will make it possible for organizations to get OSS packages from a vetted source and know what the software comprises because it includes Google's software bill of materials, generally known as SBOMs. The company said the Assured OSS project includes 1,000 Java and Python packages and reduces the need for DevOps teams to establish and operate their own OSS security workflows.


News URL

https://www.techrepublic.com/article/google-cloud-offers-aoss-free/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995
Free 9 0 3 1 3 7