Navigation
Search
|
The Linux Foundation's "security mobilization plan"
Wednesday May 25, 2022. 05:54 PM , from LWN.net
The Linux Foundation has posted an 'Open Source
Software Security Mobilization Plan' that aims to address a number of perceived security problems with the expenditure of nearly $140 million over two years. While there are considerable ongoing efforts to secure the OSS supply chain, to achieve acceptable levels of resilience and risk, a more comprehensive series of investments to shift security from a largely reactive exercise to a proactive approach is required. Our objective is to evolve the systems and processes used to ensure a higher degree of security assurance and trust in the OSS supply chain. This paper suggests a comprehensive portfolio of 10 initiatives which can start immediately to address three fundamental goals for hardening the software supply chain. Vulnerabilities and weaknesses in widely deployed software present systemic threats to the security and stability of modern society as government services, infrastructure providers, nonprofits and the vast majority of private businesses rely on software in order to function.
https://lwn.net/Articles/896244/
|
25 sources
Current Date
Mar, Thu 28 - 13:45 CET
|