Government, tech companies release open source software supply chain security modernization plan

Posted by Luke Fretwell · May 13, 2022

Government, technology companies and organizations convened for a second summit to advance open source software security.

A product of the summit was the release of a 10-Point Open Source and Software Supply Chain Security Mobilization Plan (PDF).

From the news release:

The Linux Foundation and the Open Source Software Security Foundation (OpenSSF) brought together over 90 executives from 37 companies and government leaders from the NSC, ONCD, CISA, NIST, DOE, and OMB to reach a consensus on key actions to take to improve the resiliency and security of open source software.

Companies – including Amazon, Ericsson, Google, Intel, Microsoft and VMware – pledged $30 million to “rapidly advance well-vetted solutions to the ten major problems the plan identifies.”

The plan calls for $150 million in funding over the next two years.

The first open source security summit was convened by the White House in January.

Video: Open Source Software Security Summit II press briefing
