150 Million US Dollars To Secure Open Source Softwares

Abdul Ghani

Amazon, Microsoft, Google, and others want to solve the IT security problem primarily with money. 30 million US dollars are already available. With the collaboration project of the Open Source Security Foundation (OpenSSF), big names in the IT industry want to standardize their security practices and thus better secure the open-source world. A ten-point plan presented by the OpenSSF for this purpose is to include funding of around 150 million US dollars over the next two years, as the organization announced.

https://img.particlenews.com/image.php?url=2lJrdo_0fgXG6UI00
Open Source Software Project.Image by Kristina D.C. Hoeppner From Flickr

A first tranche of the planned sum comes from early supporters of the OpenSSF. According to the announcement, these include Amazon, Ericsson, Google, Intel, Microsoft, and VMware, who initially want to jointly provide 30 million US dollars. It continues: "As the plan evolves, additional funding will be identified and work will begin as individual funding streams are agreed."

The measures in the ten-point plan include better security training, building a risk analysis for thousands of open source components, rolling out digital signatures for releases, and replacing existing components in a language with memory security. The latter is currently being promoted by Google, for example via a Rust module for the Apache web server, Rustls, or Rust in the Linux kernel.

The OpenSSF also relies on code scanning or securing the so-called software supply chain, which includes package managers such as NPM. A large part of the work is not implemented by the organization itself, but by its member companies. For example, Google has announced an open-source maintenance crew that will work with the upstream projects to ensure their security.

Comments / 0

Published by

Member Of Freelancers Union (USA), Freelance Writer!, and Digital Creator. Ghani Mengal is an enthusiast Freelance blogger and digital marketer. His content has been published and featured on many popular blogs, websites, and publications. Including TeelFeed, LifeHack.org, Data-Driven Investor, TextSniper, Scientific Publication The Predict, The Startup, The Ascent, Heart Affairs, Illumination, And The List goes on.

N/A
1855 followers

More from Abdul Ghani

Comments / 0