Randal Schwartz and Guillermo Amaral of FLOSS Weekly interview Emily Ratliff, The Linux Foundation’s senior director of security infrastructure, and David Wheeler of The Institute for Defense Analyses (IDA), an expert on developing secure software and on open source software.
The Core Infrastructure Initiative (CII) Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Projects can voluntarily self-certify, at no cost, by using this web application to explain how they follow each best practice.
Watch the episode here.
Gunnar Hellekson interviews Dr. David A. Wheeler and Emily Ratliff about the launch of CII’s Best Practices Badge program.
Listen to it at The Dave and Gunnar Show.
The Linux Foundation Core Infrastructure Initiative’s badging program matures, as the first projects to achieve security badges are announced.
InfoWorld writer Fahmida Y. Rashid interviews Nicko van Someren, chief technology officer of The Linux Foundation, about The Core Infrastructure Initiative’s Best Practices Badge program.
Businesses increasingly rely on open source software, but they usually don’t have a way to tell if developers are following secure coding practices, how they handle vulnerabilities and security updates, or how stable the software is. The CII Best Practices Badge program gives businesses answers to these questions.
Eduard Kovacs provides a list of projects that have received badges so far as part of the CII best practices program.
The list of projects that earned badges so far includes Node.js, the Linux kernel, GitLab, OpenSSL, Curl, OpenBlox, the Zephyr Project, and Syncthing. Tens of other open source apps are in the process of getting certified.
The Linux Foundation’s chief technology officer Nicko van Someren explains the importance of a unifying open source badge program.
Swapnil Bhartiya provides an overview of the CII Best Practices Badges Program.
While open source projects boast of being more secure compared to proprietary solutions, the fact is not every project has the resources or mechanisms to ensure security. In many cases there are not enough eyeballs to render all bugs shallow.
CII enables technology companies, industry stakeholders and esteemed developers to collaboratively identify, fund and improve the security of critical open source projects.
Read more at CIO.
ZDNet covers the release of the first round of CII Best Practices badges as part of a program designed to improve the quality and security of open-source software.
Marion Nester of Softpedia covers the basics of the CII Best Practices Badges Program.
Dubbed CII Best Practices Badges, the free badge program has been created by Linux Foundation’s Core Infrastructure Initiative (CII) project. Its main goal is determining the security, stability, and quality of various open source software projects, and among the first to earn these badges are the well-known Linux kernel, OpenSSL, Node.js, GitLab, cURL, Zephyr, and OpenBlox.