Open Source Software Supply Chain Security
While innumerable strategies, frameworks, and “best practices” guides have emerged, few of which agree and some of which outright contradict each other, general consensus has grown around the need for increased diligence regarding the “software supply chain.”
As cybersecurity incidents have continued to grow in magnitude, frequency, and consequences, both public and private sector attention has turned to questions of what, if anything, organizations may do to better manage the risks of today’s modern, connected world.
We explore the security and reliability issues currently affecting the software supply chain, and identify where and how changes may be made to improve it overall.
Thank you for your interest in the Core Infrastructure Initiative’s Census efforts! We are always looking for new partners to join us in our mission to strengthen the security and health of key open source projects. To get more involved, please enter your name and preferred email address, then check any boxes below that apply: