• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Google needs to invest more in support than surprises

Google will start distributing a security-vetted collection of open-source software libraries

May 17, 2022
The Ukrainian ballerina who dances by night and fights Russians by day

The Ukrainian ballerina who dances by night and fights Russians by day

June 25, 2022
Guns in paradise: Ruling could undo strict Hawaii carry law

Guns in paradise: Ruling could undo strict Hawaii carry law

June 25, 2022
Armstrong takes world title after training partner disqualified

Armstrong takes world title after training partner disqualified

June 25, 2022
Reconnecting With The One That Got Away? Here’s How To Do It

Reconnecting With The One That Got Away? Here’s How To Do It

June 25, 2022
At Least 18 Migrants Die in Effort to Enter Spanish Enclave in Africa

At Least 18 Migrants Die in Effort to Enter Spanish Enclave in Africa

June 25, 2022
With Roe v. Wade Overturned, Canada Could Become an Abortion Destination

With Roe v. Wade Overturned, Canada Could Become an Abortion Destination

June 25, 2022
Maine religious schools’ use of state tuition program faces more hurdles

Maine religious schools’ use of state tuition program faces more hurdles

June 25, 2022
U.S. destroyer sunk during WWII is “deepest shipwreck ever located”

U.S. destroyer sunk during WWII is “deepest shipwreck ever located”

June 25, 2022
Supreme Court ‘Misleadingly Quotes Me’ in Abortion Ruling: Law Professor

Supreme Court ‘Misleadingly Quotes Me’ in Abortion Ruling: Law Professor

June 25, 2022
Activists say Morocco used ‘unjustified’ force against Melilla migrants

Activists say Morocco used ‘unjustified’ force against Melilla migrants

June 25, 2022
Costa Rica Asks IMF For $700 Million From New Sustainability Trust

Costa Rica Asks IMF For $700 Million From New Sustainability Trust

June 25, 2022
Solar patio umbrellas sold at Costco recalled after multiple fires

Solar patio umbrellas sold at Costco recalled after multiple fires

June 25, 2022
DNYUZ
  • Home
  • News
    • U.S.
    • World
    • Politics
    • Opinion
    • Business
    • Crime
    • Education
    • Environment
    • Science
  • Entertainment
    • Culture
    • Music
    • Movie
    • Television
    • Theater
    • Gaming
    • Sports
  • Tech
    • Apps
    • Autos
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Arts
    • Fashion
    • Food
    • Health
    • Travel
No Result
View All Result
DNYUZ
No Result
View All Result
Home News

Google will start distributing a security-vetted collection of open-source software libraries

May 17, 2022
in News, Tech
Google needs to invest more in support than surprises
516
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

Google announced a new initiative Tuesday aimed at securing the open-source software supply chain by curating and distributing a security-vetted collection of open-source packages to Google Cloud customers.

The new service, branded Assured Open Source Software, was introduced in a blog post from the company. In the post, Andy Chang, group product manager for security and privacy at Google Cloud, pointed to some of the challenges of securing open-source software and stressed Google’s commitment to open source.

“There has been an increasing awareness in the developer community, enterprises, and governments of software supply chain risks,” Chang wrote, citing last year’s major log4j vulnerability as an example. “Google continues to be one of the largest maintainers, contributors, and users of open source and is deeply involved in helping make the open source software ecosystem more secure.”

Per Google’s announcement, the Assured Open Source Software service will extend the benefits of Google’s own extensive software auditing experience to Cloud customers. All open-source packages made available through the service are also used internally by Google, the company said, and are regularly scanned and analyzed for vulnerabilities.

Currently, a list of the 550 major open-source libraries being continuously reviewed by Google is available on GitHub. While these libraries can all be downloaded independently of Google, the Assured OSS program will see audited versions distributed through Google Cloud — mitigating against incidents where developers intentionally or unintentionally corrupt widely used open-source libraries. At present, this service is in early access mode and is expected to be made available for wider customer testing in Q3 2022.

The announcement from Google comes as part of an industry-wide drive to improve the security of the open-source software supply chain and one that has also been supported by the Biden administration.

In January, a group of some of the nation’s largest tech companies met with representatives of federal agencies including the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency to discuss open-source software security in the wake of the log4j bug. Since then, a recent meeting of the companies involved resulted in a pledge of more than $30 million in funding to boost open-source software security.

Besides contributing funding, Google is also putting engineering hours toward keeping the supply chain secure. The company recently announced the formation of an “Open Source Maintenance Crew” that would work with the maintainers of popular libraries to improve security.

The post Google will start distributing a security-vetted collection of open-source software libraries appeared first on The Verge.

Tags: CybersecurityPolicyTech
Share206Tweet129Share

Trending Posts

Supreme Court Throws Abortion to an Unlevel State Playing Field

Supreme Court Throws Abortion to an Unlevel State Playing Field

June 25, 2022
Probe of migrant deaths at Spain’s North Africa enclave demanded

Probe of migrant deaths at Spain’s North Africa enclave demanded

June 25, 2022
Benches clear after White Sox’s Michael Kopech nails Orioles’ Jorge Mateo with a 99 mph fastball

Benches clear after White Sox’s Michael Kopech nails Orioles’ Jorge Mateo with a 99 mph fastball

June 25, 2022
We could be using facial authentication for a whole lot more than unlocking our phones

We could be using facial authentication for a whole lot more than unlocking our phones

June 25, 2022
‘Mitt Romney Republican’ is now a potent GOP primary attack

‘Mitt Romney Republican’ is now a potent GOP primary attack

June 25, 2022

Copyright © 2022.

Site Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • U.S.
    • World
    • Politics
    • Opinion
    • Business
    • Crime
    • Education
    • Environment
    • Science
  • Entertainment
    • Culture
    • Gaming
    • Music
    • Movie
    • Sports
    • Television
    • Theater
  • Tech
    • Apps
    • Autos
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Arts
    • Fashion
    • Food
    • Health
    • Travel

Copyright © 2022.