The Open Source Security Foundation (OpenSSF) has published a mobilization plan to improve the resiliency and security of open source software (OSS). Modern software supply chains leverage OSS extensively because it affords faster innovation and better-quality products, but its broad adoption comes with risk due to inherent vulnerabilities in OSS components.
Read full article on The New Stack