2022 was a heck of a year for open source security troubles, but at the same time, the https://openssf.org/ did its best to help secure vital programming infrastructure. In 2021, not 2022, things went awry in a big way for open source software security.
This, in turn, woke people outside the developer and security worlds to the dangers to the software supply chain.
Afterward, IBM’s enterprise security executive https://www.linkedin.com/in/jamie-thomas-rtp/ said, “government and industry can work together to improve security practices for open source.”
In particular, the “Alpha” aims to improve global OSS supply chain security by working with the most critical open source project maintainers to help them identify and fix security vulnerabilities.