Open Source Security Foundation Raises $10 Million in New Commitments to Secure Software Supply Chains
LOS ANGELES, Oct. 13, 2021 /PRNewswire/ -- KubeCon – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it has raised $10 million in new investments to expand and support the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together multiple open source software initiatives under one umbrella to identify and fix cybersecurity vulnerabilities in open source software and develop improved tooling, training, research, best practices and vulnerability disclosure practices. Open source luminary Brian Behlendorf will serve the OpenSSF community as General Manager.
Industry leaders from technology, financial services, telco and cyber sectors respond to Biden's Executive Order
Financial commitments from Premier members include Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, Google, IBM, Intel, JPMorgan Chase, Microsoft, Morgan Stanley, Oracle, Red Hat, Snyk and VMware. Additional commitments come from General members Aiven, Anchore, Apiiro, AuriStor, Codethink, Cybertrust Japan, Deepfence, Devgistics, DTCC, GitLab, Goldman Sachs, JFrog, Nutanix, StackHawk, Tencent, TideLift and Wind River.
"This pan-industry commitment is answering the call from the White House to raise the baseline for our collective cybersecurity wellbeing, as well as 'paying it forward' to open source communities to help them create secure software from which we all benefit," said Jim Zemlin, executive director at the Linux Foundation. "We're pleased to have Brian Behlendorf's leadership and extensive expertise on building and sustaining large communities and technical projects applied to this work. With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand."
According to industry reports ("2021 State of the Software Supply Chain," by Sonatype), software supply chain attacks have increased 650 percent and are having a severe impact on business operations. In the wake of increasing security breaches, ransomware attacks and other cybercrimes tied to open source software, government leaders around the world are calling for private and public collaboration. Because open source software makes up at least 70 percent of all software ("2020 Open Source Security and Risk Analysis Report" by Synopsys), the OpenSSF offers the natural, neutral and pan-industry forum to accelerate the security of the software supply chain.
"There has never been a more exciting time to work in the open source community, and software supply chain security has never needed more of our attention," said Brian Behlendorf, general manager, Open Source Security Foundation. "There is no single silver bullet for securing software supply chains. Research, training, best practices, tooling and collaboration require the collective power of thousands of critical minds across our community. Funding for OpenSSF gives us the forum and resources to do this work."
The OpenSSF is home for a variety of open source software, open standards and other open content work for improving security. Examples include:
Premiere Member Quotes
General Member Quotes
About the Linux Foundation
The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.
View original content to download multimedia:https://www.prnewswire.com/news-releases/open-source-security-foundation-raises-10-million-in-new-commitments-to-secure-software-supply-chains-301399530.html
SOURCE The Linux Foundation
Continental Breakfast - For Paid Conference Pass Holders, Exhibitors, Sponsors, Speakers, Press
Keynote: Cannabis Business and Technology 101
Solutions Showcase - Battle for the ROI