OpenSSF: Alpha-Omega Project Aims to Enhance OSS Security and Testing

Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing.

Microsoft and Google are supporting the Alpha-Omega Project with an initial investment of $5 million. This builds on previous industry-wide investments into OpenSSF aiming to improve open source software security.

Widely deployed OSS projects that are critical to global infrastructure and innovation have become top targets for adversarial attacks. Following new vulnerability disclosures, adversary attacks can be seen within hours. For example, recently discovered vulnerabilities in the widely deployed Log4j library forced many organizations into crisis as they raced to update applications using the popular library before adversaries could attack.