"Rust Foundation Launches Security Team With Support From OpenSSF and JFrog"
The Rust Foundation, which supports the open-source Rust programming language, has announced the formation of a dedicated security team. The security team includes dedicated staff resources that enable the development and implementation of security best practices. The new team's first initiative will be to conduct a security audit and threat modeling exercise to determine how security can be economically maintained. The team will also serve as a resource for the maintainer community and advocate for security practices across the Rust ecosystem, including Cargo and Crates.io. It is sponsored by the Open Source Security Foundation's (OpenSSF) Alpha-Omega Initiative, which works with open-source software projects and maintainers to improve global software supply chain security, and JFrog Ltd., the Rust Foundation's newest Platinum member. Alpha-Omega is a project funded by Google LLC and Microsoft Corp., with the goal of improving the security of open-source software projects through direct engagement. The OpenSSF funding will be used to hire a dedicated security engineer. JFrog's commitment includes members of its security research team working on Rust Foundation's security team. This article continues to discuss the support and goals behind the new Rust Foundation security team.
SiliconANGLE reports "Rust Foundation Launches Security Team With Support From OpenSSF and JFrog"