Marking the anniversary of President Biden’s executive order to improve the nation’s cybersecurity, the Linux Foundation and the Open Source Software Security Foundation have teamed up with 90 private sector executives and government leaders to create a 10-point plan to increase the security of open source software.
According to the announcement, the plan has three main goals: to create open source software securely, to improve the detection and elimination of vulnerabilities, and to shorten the time the ecosystem takes to respond with fixes.
The Open Source Software Security Mobilization Plan proposes 10 specific streams of investment in open source security: education, risk assessment, digital signatures, memory safety, incident response, better scanning, code audits, data sharing, SBOMs and an improved software supply chain. The plan outlines the need for additional funding of about $150 million over the next two years. Amazon, Google, Ericsson, Intel, Microsoft and VMware have promised an initial investment of $30 million between them.
“What we’re doing here together is bringing together a set of ideas and principles of what’s broken there, and what we can do to fix it,” said Brian Behlendorf, executive director of the Open Source Security Foundation (OpenSSF), in a statement announcing the group’s new initiative. “The plan we made is 10 flags in the ground as a basis to start. We want to make further contributions and commitments that take us from plan to action.”