This week, the Open Source Summit North America is being held in Vancouver.
The celebration of the open source community is being held by the Linux Foundation. It has the backing of numerous influential participants in the market, as seen by the news that was released at the event from AWS, Meta, and other sources.
You may use clear policies and the Cedar language to set permissions in your applications. Application teams can separate access control from application logic by utilising Cedar. It was created utilising verification-guided development, which guarantees Cedar is accurate and safe. It supports both attribute-based and role-based access control.
The SDKs for the language, which include libraries for developing and analysing policies, are also made available. By making the language open source, AWS intends to encourage greater innovation in the field of fine-grained access management and increase everyone’s access to access control.
AWS claims that in order for current fuzzing techniques to be effective, huge codebases must be refactored. Targets can undergo fuzz testing with little to no changes thanks to the new Snapchange framework.
Snapchange, which was created in Rust, allows programmers to create fuzzers that repeat snapshots of the physical memory in a KVM virtual machine. A bill of materials’ contents can be sent via the open source standard known as Software Package Data Exchange (SPDX). Currently, the Linux Foundation is hosting it.
With the inclusion of six new, distinctive profiles in RC 3.0 that are created for common use cases, SPDX is intended to more effectively meet the demands of the market. The specifications for security, licencing, AI, datasets, and software packaging build procedures are included in the profiles, which were developed based on community feedback. The Linux Foundation claims that the need for an international standard for supply chain security, which SPDX wants to be, was inspired by the European Cyber Resiliency Act and the United States’ executive order on cybersecurity.
OpenSSF just got $2.5 million from Google and $2.5 million from Microsoft through its Alpha-Omega Project. Additionally, Hitachi, Lockheed Martin, Salesforce, and SAP became full members, according to an announcement from OpenSSF. Omkhar Arasaratnam and Brian Behlendorf were both named as the foundation’s new general manager and chief technology officer, respectively.