The US cybersecurity agency CISA has laid out key actions for securing open source software (OSS). Steps that CISA will take include promoting the Principles for Package Repository Security, a framework outlining security maturity levels for package repositories, and a new effort to enable collaboration and information sharing with open source software infrastructure operators. “Open source software is foundational to the critical infrastructure Americans rely on every day,” CISA director Jen Easterly said.
Read more: https://www.securityweek.com/cisa-details-efforts-to-secure-open-source-software/