Discover Security Projects News

Open Source Community Shifts Left With OpenSSF, Google SLSA

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security is becoming an increasingly key piece of the open source puzzle amid industry-wide pushes to shift left and integrate security during early stages of application development. The Linux Foundation’s Open Source Security Foundation (OpenSSF), which encompasses Google’s Supply chain Levels for Software Artifacts (SLSA), is one example of how the open source community is working to improve software security through an ecosystem approach, vying for proactive handling of security by default.

Linux Foundation raises $10M to support open-source security project

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Linux Foundation has raised $10 million in new investments to expand and support its Open Source Security Foundation project. “This industrywide commitment is answering the call from the White House to raise the baseline for our collective cybersecurity well-being, as well as ‘paying it forward’ to open source communities to help them create secure software from which we all benefit,” Jim Zemlin, executive director at the Linux Foundation, said in a statement.  “With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.”