Commentary: Open source has never been more popular or more under attack, but there’s something cloud providers can do to make OSS more secure.
TechRepublic contributing writer Jack Wallen is correct that “Open source software has proved itself, time and time and time again, that it is business-grade for a very long time.” Sonatype is also correct that supply chain attacks against popular open source software repositories jumped 650% over the last year. In fact, it’s the very popularity of that open source software that makes it a prime target.
Even though President Biden has called for greater focus on the safety and integrity of open source software, we’re no closer to knowing how to achieve it. Some larger projects like Kubernetes have the corporate backing necessary to ensure significant investment in securing the software, while others may be heavily used but can be