The Linux Foundation has announced the formation of the Open Source Security Foundation (OpenSSF). The foundation aims to improve the security of open source software.
Above all, OpenSSF is a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS). The goal of OpenSSF is to simplify the industry’s open source security efforts by bringing together its most popular projects and the companies that support them.
OpenSSF’s founding members include some of tech’s biggest names. Companies like GitHub, Google LLC, IBM Corp., Intel Corp., Microsoft Corp., Red Hat Inc., Uber Technologies Inc. and VMware Inc.
“We believe open source is a public good and across every industry we have a responsibility to come together to improve and support the security of open source software we all depend on,”
said Jim Zemlin, executive director at The Linux Foundation in a press release.
As part of the announcement, The Linux Foundation also disclosed additional details related to OpenSFF’s governance structure. The formation of a Technical Advisory Council (TAC), Governing Board (GB) as well as separate oversight bodies “for each working group and project.”
The Foundation’s governance, technical community and its decisions will be transparent. Any specifications and projects developed will be vendor agnostic. The OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.