Cybersecurity Mobile Policy Privacy Scooters. Phones Laptops Headphones Cameras. Tablets Smartwatches Speakers Drones. Accessories Buying Guides How-tos Deals. Health Energy Environment. YouTube Instagram Adobe. Kickstarter Tumblr Art Club. Film TV Games. Fortnite Game of Thrones Books. Comics Music. Filed under: Policy Tech Cybersecurity. Google calls for new government action to protect open-source software projects New, 9 comments.
Looking to the future, he says the industry needs new ways to identify software that may, down the line, pose a systemic risk to internet security. The importance of open-source software has been a topic of a lot of discussions following the discovery of the Log4Shell vulnerability.
Log4j happens to be one of the most popular and widely used logging library, with services like Steam and iCloud depending on it. Sign up. Google wants to work with government to secure open-source software "It deserves the same focus and funding we give to our roads and bridges.
Requires organizations to account for and publish their open source code in accordance with M The Open Source Working Group will update and maintain all guidance and implementation instructions pertaining to this Order on this site. Justification will be required for new custom code that does not follow these guidelines;. Requires that a standard, secure open source code development pipeline process be in place at GSA that all organizations will follow.
This process can be accomplished multiple ways, such as performing automated code scanning or code reviews. Adheres to releasing open source code through a public-facing software version control platform, including code developed by GSA personnel and contractors.
0コメント