Linux, OpenSSF Champion Plan to Improve Open Source Security

  /     /     /  
Publicated : 23/11/2024   Category : security

Linux, OpenSSF Champion Plan to Improve Open Source Security


The White House and tech industry pledge $150 million over two years to boost open source resiliency and supply chain security.


Marking the one-year anniversary of President
Bidens Executive Order on Improving the Nations Cybersecurity
, the Linux Foundation and the Open Source Software Security Foundation joined with 90 private-sector executives and government leadership to create a 10-point plan to improve the security of open source software. 
The plan has three primary goals — secure open source software production, improve vulnerability discovery and remediation, and shorten ecosystem patching response time — according to the announcement. 
The
Open Source Software Security Mobilization Plan
proposes 10 specific streams of investment in open source security including: education, risk assessment, digital signatures, memory safety, incident response, better scanning, code audits, data sharing, SBOMs, and improved
software supply chain
. The plan outlines the need for about $150 million in additional funding over the next two years. Amazon, Google, Ericsson, Intel, Microsoft, and VMware have pledged an initial investment of $30 million between them.
What we are doing here together is converging a set of ideas and principles of what is broken out there and what we can do to fix it, Brian Behlendorf, executive director, Open Source Security Foundation (OpenSSF), said in a statement announcing the groups new initiative.
 
The plan we have put together represents the 10 flags in the ground as the base for getting started. We are eager to get further input and commitments that move us from plan to action.”

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Linux, OpenSSF Champion Plan to Improve Open Source Security