Iyo OpenSSF (Open Source Security Foundation) yakaunza iyo Alpha-Omega purojekiti, ine chinangwa chekuvandudza kuchengetedzeka kweyakavhurika sosi software. Chekutanga mari yekusimudzira chirongwa ichi inosvika mamiriyoni mashanu emadhora uye vashandi vekutanga chirongwa ichi vachapihwa neGoogle neMicrosoft. Mamwe masangano anokurudzirwawo kutora chikamu, zvese kuburikidza nekupihwa kweinjiniya tarenda uye padanho remari, izvo zvichabatsira kuwedzera huwandu hweakavhurika sosi mapurojekiti anozofukidzwa nechirongwa ichi. Pamusoro pezvo, pakupera kwegore rapfuura, madhora gumi emamiriyoni akagoverwa basa reOpenSSF Foundation; kana mari iyi ichashandiswa muchirongwa cheAlpha-Omega haina kutaurwa.
Iyo Alpha-Omega chirongwa chine zvikamu zviviri:
- Chikamu cheAlfa chinosanganisira kuitisa ongororo yekuchengetedza yemanyorero e200 anoshandiswa zvakanyanya akavhurika sosi mapurojekiti, anonyanya kufarirwa kushandiswa kwavo nenzira yekutsamira kana zvinhu zvezvivakwa. Basa racho richaitwa nekubatana nevachengeti uye rinosanganisira kuongororwa kwakarongeka kwekodhi yekuona kusakanganiswa kutsva uye nekukurumidza kugadzirisa.
- Chikamu cheOmega chakanangana nekuita otomatiki kuyedzwa kwegumi zviuru zvinonyanya kufarirwa zvakavhurika sosi mapurojekiti. Chikwata chakasiyana chemainjiniya chichagadzirwa kuti chiite bvunzo, kuvandudza nzira dzinoshandiswa, kuongorora mhinduro dzebvunzo, kutaurirana ruzivo kune vanogadzira chirongwa uye kuronga kubatana kugadzirisa matambudziko akanyanya. Basa guru rechikwata ichi richave rekuramba manyepo uye kuona kusagadzikana chaiko mumishumo otomatiki.
Iko kudiwa kwekuongororwa kwebhuku padanho reAlpha kunokonzerwa nekudiwa kwekuona matambudziko akavanzika anonetsa kuona panguva yekuyedzwa otomatiki. Semuenzaniso wematambudziko akadaro, ichangoburwa yakakosha kushaya simba muLog4j inotaurwa, iyo yakaisa mungozi zvivako zvehuwandu hwemakambani makuru. Mapurojekiti ekuongorora achasarudzwa achifunga kurudziro yenharaunda yenyanzvi uye data kubva kune yakambogadzirwa Critical Score uye Census ratings.
Sechiyeuchidzo, iyo OpenSSF yakagadzirwa pasi pehurongwa hweLinux Foundation uye yakatarisana nebasa munzvimbo dzakadai sekuburitswa pachena kwehutera, kugovera zvigamba, kugadzirwa kwemidziyo yekuchengetedza, kuburitswa kwemaitiro akanakisa esangano rekusimudzira, kuzivikanwa kwekuchengetedza. -kutyisidzira kwakabatana muSoftware yakavhurika, kuita basa rekuongorora uye kusimbisa kuchengetedzwa kwemapurojekiti akakosha akavhurika sosi, kugadzira maturusi ekuona kuzivikanwa kwevagadziri. OpenSSF inoenderera mberi nekugadzira zvirongwa zvakaita seCore Infrastructure Initiative uye Open Source Security Coalition, uye inobatanidzawo mamwe mabasa ane chekuita nekuchengetedza akaitwa nemakambani akapinda muchirongwa ichi. Makambani ekutanga eOpenSSF anosanganisira Google, Microsoft, Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, IBM, Intel, JPMorgan Chase, Morgan Stanley, Oracle, Red Hat, Snyk uye VMware.
Source: opennet.ru