Open source security plan aims to deliver on development, patching and more

by admin
May 13, 2022

White House officials, The Linux Foundation, OpenSSF and 37 private sector tech companies have announced a 10-point open source and software supply chain mobilization plan and $150 million of funding over two years.

At a summit meeting yesterday, several participating organizations came together to collectively pledge an initial tranche of funding towards implementation of the plan. Those companies are Amazon, Ericsson, Google, Intel, Microsoft, and VMware, which together pledged over $30M.

This builds on the existing investments that OpenSSF community members make into open source software. An informal poll of stakeholders indicates they spend over $110M and employ nearly a hundred full-time equivalent employees focused on nothing but securing the open source software landscape. This plan adds to those investments.

Eric Brewer, VP of infrastructure at Google Cloud and Google Fellow, says, “We’re thankful to the Linux Foundation and OpenSSF for convening the community today to discuss the open source software security challenges we’re facing and how we can work together across the public and private sectors to address them. Google is committed to supporting many of the efforts we discussed today, including the creation of our new Open Source Maintenance Crew, a team of Google engineers who will work closely with upstream maintainers on improving the security of critical open source projects, and by providing support to the community through updates on key projects like SLSA, Scorecards, and Sigstore, which is now being used by the Kubernetes project. Security risks will continue to span all software companies and open source projects and only an industry-wide commitment involving a global community of developers, governments and businesses can make real progress. Google will continue to play our part to make an impact.”

The agreed plan has three key goals: to secure open source production, to improve vulnerability discovery and remediation, and to shorten patching response time.

“Today, we had the opportunity to share our IBM Policy Lab’s recommendations on how understanding the software supply chain is key to improving security,” says Jamie Thomas, enterprise security executive at IBM. “We believe that providing greater visibility in the software supply chain through SBoMs (Software Bill of Materials) and using the Open Source Software community as a valuable resource to encourage passionate developers to create, hone their skills, and contribute to the public good can help strengthen our resiliency. It’s great to see the strong commitment from the community to work together to secure open source software.”

The full 10-point plan is on the OpenSSF site; a summary of the points follows:

  • Security Education — Deliver baseline secure software development education and certification to all.
  • Risk Assessment — Establish a public, vendor-neutral, objective-metrics-based risk assessment dashboard for the top 10,000 (or more) OSS components.
  • Digital Signatures — Accelerate the adoption of digital signatures on software releases.
  • Memory Safety — Eliminate root causes of many vulnerabilities through replacement of non-memory-safe languages.
  • Incident Response — Establish the OpenSSF Open Source Security Incident Response Team, security experts who can step in to assist open source projects during critical times when responding to a vulnerability.
  • Better Scanning — Accelerate discovery of new vulnerabilities by maintainers and experts through advanced security tools and expert guidance.
  • Code Audits — Conduct third-party code reviews (and any necessary remediation work) of up to 200 of the most-critical OSS components once per year.
  • Data Sharing — Coordinate industry-wide data sharing to improve the research that helps determine the most critical OSS components.
  • SBOMs Everywhere — Improve SBOM tooling and training to drive adoption.
  • Improved Supply Chains — Enhance the 10 most critical OSS build systems, package managers, and distribution systems with better supply chain security tools and best practices.

Image credit: Artur Szczybylo/Shutterstock




