After years of development, open source software has been widely used in various environments. However, for those who are responsible for the security of users and organizations, they must also be able to understand and verify their security. The good news is that under the leadership of the Linux foundation, the open source community has reached a cross industry collaboration.The new open source software security foundation (openssf) aims to bring a wide range of community leaders together to establish targeted programs and best practices to improve the security of open source software.
Jim zemlin, executive director of the Linux foundation, said: we believe that open source is a public service, and in every industry, we have a responsibility area to work together to improve and support the security of the open source software we rely on.
Ensuring open source security will be one of the most important things we can do. It needs everyone around the world to work together, and openssf will provide the forum it needs for real collaboration and cross industry efforts.
With the establishment of openssf, the organization will also establish a Council and a technical advisory committee, with separate oversight of each working group and project.
In addition, openssf plans to launch various open source technology projects to support the security of the world's most critical open source software, all of which will be announced on GitHub.