The White House hosted an Open Source Software Security Summit on Thursday, January 13, 2022.

The Biden administration wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4j vulnerabilities exposed critical infrastructure to threat actors’ attacks.

Participants focused on three topics: preventing security defects and vulnerabilities in open source software, improving the process for finding security flaws and fixing them, and shrinking the time needed to deliver and deploy fixes.

The meeting was attended by Deputy National Security Advisor Anne Neuberger and National Cyber Director Chris Inglis.

They were joined by officials from multiple federal agencies, including the Department of Defense, the Department of Commerce, the Department of Energy, and the Department of Homeland Security, as well as representatives from the Cybersecurity and Infrastructure Security Agency (CISA), the National Institute of Standards and Technology, and the National Science Foundation.

Private-sector organizations that joined the meeting include, in alphabetical order: Akamai, Amazon, Apache Software Foundation, Apple, Cloudflare, Facebook/Meta, GitHub, Google, IBM, the Linux Foundation, the Open Source Security Foundation, Microsoft, Oracle, Red Hat, and VMware.

To me it is interesting to see who was invited, and perhaps why.

While this may seem like just another event, was it?

One of my favorite movie quotes is from Butch Cassidy and the Sundance Kid when they say, “Who are those guys?”

Do you recognize all of these companies and organizations?

What are they doing with data, your data?

Time will tell.