CISA Open Source Software Security Roadmap
Falha ao colocar no Carrinho.
Falha ao adicionar à Lista de Desejos.
Falha ao remover da Lista de Desejos
Falha ao adicionar à Biblioteca
Falha ao seguir podcast
Falha ao parar de seguir podcast
Assine e ganhe 30% de desconto neste título
R$ 19,90 /mês
Compre agora por R$ 17,99
Nenhum método de pagamento padrão foi selecionado.
Pedimos desculpas. Não podemos vender este produto com o método de pagamento selecionado
-
Narrado por:
-
Tom Brooks
Sobre este áudio
The federal government, critical infrastructure, and state, local, tribal, and territorial (SLTT) governments greatly depend upon open source software (OSS). OSS is software for which the human-readable source code is made available to the public for use, study, re-use, modification, enhancement, and re-distribution. OSS is part of the foundation of software used across critical infrastructure, supporting every single critical infrastructure sector and every National Critical Function: one study found that 96% of studied codebases across various sectors contain open source code, and 76% of code in studied codebases was open source. Therefore, to fulfill CISA’s mission of understanding, managing, and reducing risks to the federal government and critical infrastructure, we must understand and protect the open source software that we rely upon.
As a public good, open-source software is supported by diverse and wide-ranging communities—which are composed of individual maintainers, non-profit software foundations, and corporate stewards. CISA must integrate into and support these communities, with a particular focus on the critical OSS components that the federal government and critical infrastructure systems rely upon. CISA recognizes the immense benefits of open source software, which enables software developers to work at an accelerated pace and fosters significant innovation and collaboration. With these benefits in mind, this roadmap lays out how CISA will help enable the secure usage and development of OSS, both within and outside the federal government. As detailed below, the roadmap centers on four key goals:
- establishing CISA’s role in supporting the security of OSS
- understanding the prevalence of key open source dependencies
- reducing risks to the federal government
- hardening the broader OSS ecosystem