Collaborating to secure the open source ecosystem
Open source software has become pervasive in data centers, consumer devices, and services, representing its value among technologists and businesses alike. Because of its development process, the OSS that ultimately reaches end users has a chain of contributors and dependencies. It is important that those responsible for their user or organization’s security are able to understand and verify the security of this dependency chain. The initial technical initiatives will focus on: