Americas’ First OpenChain Security Assurance Specification Conformance Is Announced


A new certification gives BlackBerry’s software supply chain added sturdiness and gives customers an additional layer of security.

In order to give customers a higher level of security assurance, BlackBerry Limited today announced that it is the first company in the Americas to receive the OpenChain Security Assurance Specification, a best-in-class validation of the company’s ability to manage open-source vulnerabilities and risks as part of its software supply chain.

The OpenChain Project of the Linux Foundation aims to build confidence in open-source software. BlackBerry customers will have more faith in the company’s capacity to control the use of open source software across its cybersecurity and IoT product portfolios thanks to the use of the OpenChain Security Assurance Specification.

The accomplishment builds on BlackBerry’s prior adoption of OpenChain ISO/IEC 5230:2020, the global standard for open source licence compliance, which outlines the essential components of a high-quality open source compliance programme and makes them adoptable by businesses of all sizes and industries.

“Building a more resilient and trusted software supply chain is critical to the future of secure software, and BlackBerry is proud to be a leader in this space,” said Christine Gadsby, Vice President, Product Security at BlackBerry. “We’re committed to adopting a higher standard for our software supply chain as cyberattacks grow and stringent regulatory standards come into effect.”

“BlackBerry has one of the deepest commitments in the security industry to bringing increased peace of mind to enterprise and governmental organizations,” said Russ Eling, CEO, OSS Consultants, who worked with BlackBerry to gain the new accreditation. “This added certification highlights BlackBerry’s position as a trusted supply chain vendor and serves as an example for others to follow. BlackBerry was able to meet the specification through its existing policies and processes due to its long history and commitments to responsible management of open source. BlackBerry has a team of experts who have developed their practices, tooling, and operational capability to manage the vulnerabilities that arise within open source libraries.”


Please enter your comment!
Please enter your name here