Intelligent CIO North America Issue 23 | Page 71

INTELLIGENT BRANDS // Software for Business

OpenSSF announces new members to strengthen open-source software supply chain security

The Open-Source Security Foundation (OpenSSF) announces 15 new members from across a range of sectors to further strengthen open-source software supply chain security.

The Open-Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, has announced 15 new members from leading software development, cybersecurity, financial services, communications and academic sectors.

“Our 15 new members join a growing community of organizations, developers, researchers and security professionals that are investing time and resources required to respond in this constantly evolving threat landscape.”
Open-source software has become the foundation on which our digital economy is built. As noted in the Linux Foundation’s 2022 Software Bill of Materials (SBOM) and Cybersecurity Readiness report, 98% of organizations use open-source regularly.
The same study revealed that 72% of organizations are very or extremely concerned about software security.
This round of commitments is led by two new premier members, Atlassian and Sonatype, who will join the OpenSSF governing board. New general member commitments come from Arnica, Bloomberg, Comcast, Cycode, F5 Networks, Futurewei Technologies, Legit Security, Sectrend, SUSE, and Tenable.
“We are thrilled to welcome Atlassian and Sonatype, two companies who play critical roles in modern software development and security, to the OpenSSF governing board,” said Brian Behlendorf, General Manager at OpenSSF.
“Open-source software supply chain attacks threaten the very foundations of innovation that billions of people rely upon.
Recent vulnerabilities, such as the one impacting Log4j, have caused many organizations to prioritize software supply chain security and realize the need to be fully abreast of the open-source ecosystem, as well as contributing to it. From governments to businesses, open-source security has been brought to the top of the agenda as a priority issue to address and as a result, OpenSSF is seeing membership rise at a rapid pace.
The latest commitments follow a productive period for OpenSSF in which the foundation expanded its core working groups to include Securing Software Repositories. This group aims to improve cybersecurity practices where developers download open-source packages most often.