Google bankrolls new push to improve security of critical open source projects
Date:
Fri, 17 Sep 2021 15:23:01 +0000
Description:
Google's support is part of a larger $100 million commitment to secure the
open source software supply chain.
FULL STORY ======================================================================
Google has provided significant financial support to the Open Source Technology Improvement Fund (OSTIF) as part of its larger push to support securing open source software.
Following President Biden's cybersecurity meeting last month, Kent Walker, SVP of Global Affairs, wrote about the company's $100 million pledge to support third-party foundations such as OpenSSF that manage open source security priorities and help fix vulnerabilities.
The support for OSTIF, which will cover eight major projects, is part of that commitment, explains Kaylin Trychon, from the Google Open Source Security Team.
Google's support will allow OSTIF to launch the Managed Audit Program (MAP), which will expand in-depth security reviews to critical projects vital to the open source ecosystem, wrote Trychon.
More bang for the buck
The OSTIF came into being in May 2015 and describes itself as a corporate non-profit organization that helps secure open source supply chains by
helping solicit funds for noteworthy open source projects.
For MAP, OSTIF identified 25 critical projects, which were further
prioritized to identify the eight that will receive support from Google.
Running through the list of the eight selected projects, which include libraries, frameworks, and apps, Trychon says they were selected because improving their security would make the largest impact on the open source ecosystem.
These eight projects include the popular version control software Git, the JavaScript utility library Lodash, and the PHP web application framework Laravel, along with five other Java-related projects.
The tie-up with OSTIF is Google's latest sponsorship for helping secure open source software and follows its financial backing for a couple of Linux
kernel developers to work on security issues exclusively, in addition to its role in security initiatives such as the OpenSSF.
======================================================================
Link to news story:
https://www.techradar.com/news/google-bankrolls-new-push-to-improve-security-of-critical-open-source-projects/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)