
OpenSSF Adds Minder as Sandbox Project to Simplify the Integration and Use of Open Source Security Tools
Minder brings developers and security teams together to discover and eliminate risk before code is merged, using best practices from the OpenSSF Scorecard, Sigstore and similar projects. Minder integrates these projects for organizations that want a platform to manage open source security; it automates the application and enforcement of policies across groups of repositories, cryptographically signs software artifacts and more. The outcome is more control and consistency, but also more speed enabled by clear boundaries and automation.
“Open source software is a wellspring of innovation. There are some incredible projects already housed in the OpenSSF that drive tremendous value, but require expertise to operationalize,” said Craig McLuckie, CEO and co-founder of Stacklok. “Minder addresses this gap by making it easier to use these tools and centralizing control of policy across the software development lifecycle. We're eager to work even more closely with the OpenSSF to make open source software safer and more sustainable to consume.”
“We believe organizations that adopt a policy-based approach to security are best positioned to stay steps ahead of threat actors,” said Bob Callaway, Head of Google's Open Source Security Team and OpenSSF Technical Advisory Council Member. “To that end, Minder brings a complementary set of capabilities to the OpenSSF Security Tools Working Group.”
As a sandbox project, Minder will now benefit from OpenSSF governance models and resources. The Security Tools Working Group will provide guidance on how to grow and improve the project, and engage a wider set of maintainers and contributors. For more information about the OpenSSF, please visit . To start using Minder today, please visit: .
About Stacklok
Stacklok brings developers and security teams together to eliminate all forms of risk before code is merged. Stacklok provides security professionals with control of policy across the entire software development lifecycle to continuously and consistently secure software projects. And Stacklok empowers developers with intelligence on high-risk open source packages as part of their existing workflows, so they can make safer open source choices. Stacklok is led by creators of Kubernetes and Sigstore, solving for open source software security through deep connection and collaboration with the community.
About the OpenSSF
The Open Source Security Foundation (OpenSSF) is a cross-industry initiative by the Linux Foundation that brings together the industry's most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaborating and working upstream and with existing communities to advance open source security. For more information, please visit us at openssf.
Scott Buchanan
Stacklok