OpenSSF adds new members to advance open source security education
OpenSSF, a cross-industry collaboration to secure the open source ecosystem, has announced new membership commitments to advance open source security education and best practices. The new members include Citi, Comcast, DevSamurai, Hewlett Packard Enterprise (HPE), Mirantis and Snyk.
Kay Williams, governing board chair, OpenSSF, and supply chain security lead, Azure office of the CTO, Microsoft, said, “Open source software is embedded in the world’s technology infrastructure and warrants our dedication to ensuring its security. We welcome the latest OpenSSF new members and applaud their commitment to advancing supply chain security for open source software and its technology and business ecosystem.”
Because of its development process, open source has a chain of contributors and dependencies before it ultimately reaches its end users. It is important that those responsible for their users’ or organisation’s security are able to understand and verify the security of this dependency supply chain.
The OpenSSF is a crossindustry collaboration that brings together technology leaders to improve the security of OSS. Its working groups include Securing Critical Projects, Security Tooling, Identifying Security Threats, Vulnerability Disclosures, Digital Identity Attestation, and Best Practices. OpenSSF has more than 35 members and associate members contributing to working groups, technical initiatives and the governing board, and helping to advance open source security best practices.