OpenSSF Receives $5 Million for Open Source Software Security Project

The Open Source Security Foundation (OpenSSF) this week announced that it has added four new members and that Microsoft and Google have pledged $5 million in funding for the Alpha-Omega project.

Founded in 2020 and hosted by the Linux Foundation, OpenSSF is a cross-industry organization focused on improving the security of the open source software supply chain through collaboration between tech companies.

OpenSSF founding members include GitHub, Google, IBM, Microsoft, NCC Group, OWASP Foundation, Intel, Okta, and VMware.

This week, the foundation announced that Hitachi, Lockheed Martin, Salesforce, and SAP have joined the effort as general members. In addition, veteran cybersecurity expert Omkhar Arasaratnam has become the organization’s new general manager and Brian Behlendorf is now the new OpenSSF chief technical officer (CTO).

OpenSSF also announced that Microsoft and Google have pledged $2.5 million each to fund the Alpha-Omega Project, an initiative aimed at improving open source software security by identifying and patching vulnerabilities in source code.

Launched in February 2022, Alpha-Omega bolsters collaboration between code maintainers and focuses on identifying critical open source software to strengthen through automated security analysis, scoring, and remediation guidance.

In December 2022, OpenSSF announced that Amazon Web Services (AWS) had agreed to fund Alpha-Omega with $2.5 million.

Related: OpenSSF Adopts Microsoft-Built Supply Chain Security Framework

Related: New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories

Related: OpenSSF Bags $10 Million Investment