Google to distribute open source software libraries with supervised security

Google Cloud Logo

Google has announced a new initiative that targets the security of open source software by distributing a carefully selected collection of open source tools with special oversight over security-related aspects. Tools that will be available to Google Cloud users.

The development of open source tools benefits from the support of major technology companies and the administration

This new service is called Assured Open Source Software (AOSS) and has been presented through a blog post published by Google. In it, Andy Chang, product manager for Security and Privacy at Google Cloud, points out some of the challenges of open source software and emphasizes Google’s commitment to this type of software.

Chang reminds that Google continues to be one of the biggest contributors to the use and maintenance of open source software, being deeply involved in improving security in this ecosystem.

With the announcement of AOSS, Google will extend the benefits of this open source software with monitored security to all customers of its Google Cloud Platform, regularly scanning and analyzing all toolkits for potential vulnerabilities.

A list of 550 open source libraries that Google reviews on a regular basis is now available on GitHub. Although all of these libraries can be downloaded independently, the AOSS program will provide audited versions through the Google Cloud, minimizing potential incidents if developers intentionally or unintentionally cause corruptions in widely used open source libraries.

This service is currently in testing and will start to be available from Q3 2022.

Beyond Google itself, open source software tools are benefiting from the interest in promoting them from large technology companies such as Twitter. But also since January of this year in the United States they are getting a broad boost from the Administration with the initiative of government agencies such as the Department of Homeland Security and the Cybersecurity and Security Infrastructure Agency due to the implications of this type of software in cybersecurity.

Click to rate this entry!
(Votes: 0 Average: 0)

Leave a Comment