"New Google Team to Help Critical Open Source Projects Improve Security"

Google is increasing its investment in open source software security by forming a new team of developers committed to assisting the maintainers of major open source projects in improving their software's security. The new Open Source Maintenance Crew is part of the company's ongoing commitment to strengthen the security of the open source ecosystem, as well as the broader industry push to bolster the resilience of the projects that support much of the Internet. During a two-day meeting at the White House with leaders from dozens of Internet businesses, the Open Source Security Foundation, and Biden administration officials, Google unveiled the new team. The conference was a follow-up to one held in January, during which attendees discussed the vital role of open source software in the industry and how to best handle the problems that maintainers have in attempting to improve the security of their projects. One of the major concerns is a lack of financial and human resources to prevent, detect, and correct systemic security flaws. The size of the new Open Source Maintenance Crew team has not been revealed, but given Google's vast resources, it is expected to be large. Many factors will influence how the team chooses which open source projects to prioritize. Last year, Google announced a $10 billion commitment over the next five years to strengthen cybersecurity through various programs and projects, including $100 million to support organizations like the OpenSSF. The Open Source Insights project, which provides a dependency graph for any open source product, has also received Google's support. This article continues to discuss the goals of Google's new Open Source Maintenance Crew and other investments made by Google to improve cybersecurity.

Decipher reports "New Google Team to Help Critical Open Source Projects Improve Security"