Last week, I attended the White House Open Source Software Security Summit, alongside VMware’s Chief Security Officer, Alex Tosheff, and Michael Kennedy, our VP of Global Government Relations and Public Policy. Led by Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, the summit was attended by both private industry leaders and government organizations.
This important gathering was prompted by the Log4j vulnerability, but the core question is: how can we ensure source code, build, and distribution integrity in all open source software (OSS)?
Building open source software and contributing to its many communities is a major part of VMware’s engineering and innovation spirit, and we believe the way forward depends on continued collaboration. Accordingly, we offered several practical, actionable recommendations for accelerating both industry and public/private partnerships, as detailed in the following letter, which we submitted ahead of the summit.
January 9, 2022
Anne Neuberger
Deputy National Security Advisor for Cyber and Emerging Technology
The White House
1600 Pennsylvania Avenue, Northwest
Washington, D.C. 20500
Ms. Neuberger,
Thank you again for inviting VMware to the Open Source Software Security Summit at the White House. As you may know, VMware is both a heavy user of and contributor to open source software. As such, VMware takes open source, and specifically open source security, seriously. To that end, we participate in and contribute to many open source-related industry consortia, such as the Linux Foundation, Apache Software Foundation, Cloud Native Computing Foundation and the Open Source Security Foundation (OpenSSF), to name a few.
VMware believes that open source software has been and will continue to be a significant source of innovation, industry collaboration, and industry standardization. It has enabled both new and existing companies to rapidly build new innovations on openly available, proven software capabilities. And because of the aforementioned consortia, open source enables industry participants to collaborate around common standards and interoperability, which benefit all participants as well as consumers. Much of this benefit is due to the essential “transparency” of open source.