More money for open source security won’t work
Here’s the good news. According to the Open Source Security Foundation (OpenSSF), it will cost less than $150 million to secure open source software. More good news, industry giants Amazon, Intel, Google, and Microsoft have already pledged $30 million. Just $120 million to go toward a secure open source future, right?Well, no, because the bad news is that no generalized approach to open source security is going to work. OpenSSF has a fantastic 10-point plan to foster a multifaceted approach to security. This approach has a better chance of succeeding than the more piecemeal approaches of the past, argued Brian Behlendorf, general manager of the OpenSSF, on a recent press call, because “there’s not one root cause or one root approach that’s going to address them all.”To read this article in full, please click here
Here’s the good news. According to the Open Source Security Foundation (OpenSSF), it will cost less than $150 million to secure open source software. More good news, industry giants Amazon, Intel, Google, and Microsoft have already pledged $30 million. Just $120 million to go toward a secure open source future, right?
Well, no, because the bad news is that no generalized approach to open source security is going to work. OpenSSF has a fantastic 10-point plan to foster a multifaceted approach to security. This approach has a better chance of succeeding than the more piecemeal approaches of the past, argued Brian Behlendorf, general manager of the OpenSSF, on a recent press call, because “there’s not one root cause or one root approach that’s going to address them all.”
