
Open SSF, The Linux Foundation Seek to Improve Open Source Software Security With 10-Point Plan

The Linux Foundation and the Open Source Software Security Foundation have come up with a 10-point plan to address and improve the security of open source software and the software supply chain.

The plan has three goals: securing open source security production, improving vulnerability discovery and remediation, and shortening ecosystem patching response time, the Linux Foundation said Thursday.

Several companies have initially pledged more than $30 million to support the plan’s implementation, including Amazon, Microsoft, Google, VMware, Intel and Ericsson.

“We have a shared obligation to upgrade our collective cybersecurity resilience and improve trust in software itself. This plan represents our unified voice and our common call to action. The most important task ahead of us is leadership,” said Jim Zemlin, executive director of the Linux Foundation.

The 10-point plan outlines several actions to improve open source software security, such as delivering baseline secure software development education and certification to all, accelerating the adoption of digital signatures on software releases, establishing the OpenSSF Open Source Security Incident Response Team and improving software bill of materials tooling and training to advance adoption.

“The plan we have put together represents the 10 flags in the ground as the base for getting started. We are eager to get further input and commitments that move us from plan to action,” said Brian Behlendorf, executive director of OpenSSF.

Written by Jane Edwards, a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.
