The Linux Foundation joins forces to establish the Open Source Security Foundation
The Linux Foundation announced that it has partnered with a number of hardware and software vendors to establish the Open Source Security Foundation (OpenSSF). OpenSSF is a cross-industry collaboration that brings leaders together to improve the security of open-source software by building a broader community with targeted programs and best practices.
OpenSSF members come from the Core Infrastructure Initiative, the GitHub Open Source Security Alliance and other founding board members such as GitHub, Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, and Red Hat. Other founding members include ElevenPaths, GitLab, HackerOne, Intel, Okta, Purdue, SAFECode, StackHawk, Trail of Bits, Uber, and VMware.
According to the introduction on the OpenSSF official website, the foundation's governance, technical community, and decision-making will be transparent, and any specifications and projects it develops will be vendor-independent. OpenSSF is committed to collaborating with upstream communities and with existing communities to improve open source security. In other words, it aims to be a transparent organization that promotes cooperation between vendors and improves security.
The organizational structure includes a Governing Board, a Technical Advisory Council, and separate oversight for each working group and individual project. OpenSSF intends to host a number of open source technology projects to support the security of the world’s most critical open-source software, all of which will be conducted publicly on GitHub.