Open Source Community Shifts Left With OpenSSF, Google SLSA
1 min read
Oct 26, 2021
Security is becoming an increasingly key piece of the open source puzzle amid industry-wide pushes to shift left and integrate security during early stages of application development. The Linux Foundation’s Open Source Security Foundation (OpenSSF), which encompasses Google’s Supply chain Levels for Software Artifacts (SLSA), is one example of how the open source community is working to improve software security through an ecosystem approach, vying for proactive handling of security by default.
OpenSSF brings together players like Cisco, GitHub, Google, VMware, and others to develop better security tools and practices for open source application development without bias toward a specific ecosystem or vendor.
“It’s been very much a volunteer-driven effort involving all sorts of companies and individual software experts,” OpenSSF GM Brian Behlendorf said during a KubeCon press conference.
Related Articles
1 - 0 min read
Hacked VMs Reveal New Attack Risks
1 - 0 min read
Linux Kernel 'Make-Me-Root' Flaw Threatens Popular Distros
1 - 0 min read
Millions Of GitHub Repositories Infected With Malicious Code
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
