OpenSSF and The Linux Foundation propose 10 streams of investment to improve cybersecurity practices within open source development, code reviews, developer training, and software distribution.
The Open Source Software Security Mobilization Plan
Open source software is pervasive in data centers, consumer devices, and applications. Securing open source supply chains requires a combination of automated tooling, best practices, education, and collaboration.
“We believe open source is a public good and across every industry we have a responsibility to come together to improve and support the security of open source software we all depend on. It is one of the most important things we can do.”
OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.
Join the growing list of organizations supporting the effort to secure open source technology and funding the development and adoption of OpenSSF initiatives.