Linux Foundation Adopts Microsoft Framework for Supply Chain Security
Microsoft announced that its Secure Supply Chain Consumption Framework (S2C2F) has been adopted by the Linux Foundation’s Open Source Security Foundation (OpenSSF) in a move to improve “supply chain security for everyone,” according to Microsoft Azure CTO Mark Russinovich.
The OpenSSF’s adoption of the framework means “the community it serves can also now have a hand in growing and improving it,” Microsoft’s Principal Program Manager of Secure Software Supply Chain Adrian Diglio said.
The No. 2 cloud giant has been using S2C2F in its own open source software (OSS) development processes for the past three years, and as “a massive consumer of and contributor to open source, Microsoft understands the importance of a robust strategy around securing how developers consume and manage OSS dependencies when building software,” Russinovich explained.