Skip to main Content
Article

Microsoft joins new open source security group

Matt Barclay
  • Date: 28 October, 2020

Microsoft has joined the newly formed Open Source Security Foundation (OpenSSF), which aims to improve the security of open source software by building a broader community and developing targeted initiatives and best practices.

The new group is supported by the Linux Foundation and includes GitHub, Google, IBM, NCC Group, OWASP Foundation and Red Hat amongst its founding members.

The new group will likely be joined by members of GitHub’s Open Source Security Coalition (OSSC) and integrate the efforts of the Core Infrastructure Initiative (CII).

Open source software typically has no central authority responsible for its quality and maintenance. In addition, because source code can be copied and cloned, versioning and dependencies are particularly complex. 

These key challenges strongly suggest that building better security must be a community-driven process. With this in mind, several working groups will be created to address key security concerns, such as:

  • Vulnerability disclosures - aimed at speeding up the time required to fix a vulnerability and deploy the fix
  • Security tooling - seeking to improve existing security tools and develop new ones
  • Security threats identification - focusing on creating key metrics to better assess how each component in an open source project scores in regards to security
  • Security best practices

Mark Russinovich, Microsoft’s chief technology officer, gave a further indication of some of the key areas of focus for the group when he said: “We are looking forward to participating in future OpenSSF efforts including securing critical open source projects (assurance, response), developer identity and bounty programs for open source security bugs”.

Browse Related Brands:
Browse Related Topics:

Matt Barclay

Product Director for Cloud

Matt Barclay is Product Director for Cloud at Global Knowledge UK&I. He has many years of industry experience, with a focus on Cloud and Software Development. He works closely with our key vendors such as AWS and Microsoft to help drive success, address our customers' challenges and ensures our offerings are in line with current trends.

Related Articles
15 Oct 2021 Article

A VMware report has revealed concerns that many security professionals are struggling with increased stress as a result of the impact of the lockdown,...Read More

09 Dec 2020 Article

We review the highlights from the Microsoft Ignite 2020 event, the company’s largest of the year, and take a look at Get On 2021

03 Dec 2020 Article

With 2021 quickly approaching, you need to be ready for existing and new threats. Do these 7 things to safeguard your computer and network.

We Care About Your Privacy

We are using cookies to give you the best experience on our site. Cookies are files stored in your browser and are used by most websites to help personalise your web experience. By continuing to use our website without changing the settings, you are agreeing to our use of cookies.

About your Privacy

We process your data for purposes such as delivering content or advertisements and measuring the delivery of such content or advertisements to extract insights about our website. We may share this information with our partners. Cookies set by Global Knowledge are labelled “first party”; you may exercise your preferences in relation to first party cookies by toggling the switch for each first party cookie category below. The remaining cookies are third party cookies; you may exercise your preferences in relation to each purpose by toggling the relevant switch below or by vendor by clicking “List of IAB Vendors.” These choices will be signaled globally to other websites participating in the Transparency and Consent Framework.
Privacy Statement

Necessary Cookies

These are cookies that are required for the Global Knowledge website to function and cannot be switched off in our systems. They include, for example, cookies that enable you to use a shopping cart or log into the booking area of our website.

Analytics Cookies

Analytics cookies are an optional but important part of our website's functionality. They help us to understand how you interact with our site by collecting and reporting information anonymously. The data collected by analytics cookies is used to improve the website's performance and enhance the user experience. It is important to note that these cookies do not collect any personal information that can be used to identify you.

Preferences Cookies

These are optional and you can turn them off and on. Please only use 2 to 3 lines of text here and if needed link to a page with more cookie info in Intro.

Performance Cookies

These cookies allow us to recognise and count the number of visitors to our website, traffic sources and to see how website visitors move around the website when they are using it. This helps us to improve the way the website works and improve your website experience. All information these cookies collect is aggregated and therefore anonymous.

Cookie Control toggle icon