- Open source software (OSS) has become pervasive in data centers, consumer devices and services, representing its value among technologists and businesses alike
- New members include Citi, Comcast, DevSamurai, Hewlett Packard Enterprise (HPE), Mirantis, and Snyk
OpenSSF, a cross-industry collaboration to secure the open source ecosystem has announced new membership commitments to advance open source security education and best practices. New members include Citi, Comcast, DevSamurai, Hewlett Packard Enterprise (HPE), Mirantis, and Snyk.
Kay Williams, Governing Board Chair, OpenSSF, and Supply Chain Security Lead, Azure Office of the CTO, Microsoft said, “Open source software is embedded in the world’s technology infrastructure and warrants our dedication to ensuring its security. We welcome the latest OpenSSF new members and applaud their commitment to advancing supply chain security for open source software and its technology and business ecosystem.”
Open source software (OSS) has become pervasive in data centres, consumer devices and services, representing its value among technologists and businesses alike. Because of its development process, open source has a chain of contributors and dependencies before it ultimately reaches its end users. It is important that those responsible for their user or organization’s security are able to understand and verify the security of this dependency supply chain.
Improve the security of OSS
The OpenSSF is a cross-industry collaboration that brings together technology leaders to improve the security of OSS. Its working groups include Securing Critical Projects, Security Tooling, Identifying Security Threats, Vulnerability Disclosures, Digital Identity Attestation, and Best Practices. OpenSSF has more than 35 members and associate members contributing to working groups, technical initiatives and governing board and helping to advance open source security best practices.