Government agencies, technology companies and other organizations convened for a second summit to advance open source software security.
A product of the summit was the release of a 10-Point Open Source and Software Supply Chain Security Mobilization Plan (PDF).
From the news release:
The Linux Foundation and the Open Source Software Security Foundation (OpenSSF) brought together over 90 executives from 37 companies and government leaders from the NSC, ONCD, CISA, NIST, DOE, and OMB to reach a consensus on key actions to take to improve the resiliency and security of open source software.
Companies – including Amazon, Ericsson, Google, Intel, Microsoft and VMware – pledged $30 million to “rapidly advance well-vetted solutions to the ten major problems the plan identifies.”
The plan calls for $150 million in funding over the next two years.
The first open source security summit was convened by the White House in January.
News we're paying attention to.