GitHub Joins OpenAI, AWS, and Google to Support Linux Foundation Open Source Security Initiative

GitHub has announced that it joins other leading companies in the sector such as Anthropic, Amazon Web Services (AWS), Google, Microsoft and OpenAI, in its commitment to support the Linux Foundation’s Alpha-Omega initiative in terms of security for open source software.

The technology companies have made a joint investment of 12.5 million dollars (approximately 10.9 million euros) with the aim of collaborating with those responsible for maintenance so that the new security capabilities in artificial intelligence (AI) sean accessible and it integrate into the workflows of existing projects, as well as continue promoting open source software security programsin order to reinforce the security of critical projects.

“The real impact lies in combining the investment with practical tools, training and long-term support designed to help maintainers,” GitHub said on its blog.

The company has detailed that currently more than 280,000 maintainers on GitHub can access free of charge services such as GitHub Copilot Pro, GitHub Actions and security features such as code analysis y automatic correctionamong others.

GitHub is reaffirming its commitment to open source software maintainers through a series of new and expanded investments, including the GitHub Secure Open Source Fund and GitHub Security Lab.

On the one hand, GitHub Secure Open Source Fund contributes 5.5 million dollars (approximately €4.8 million) in Azure credits and funding to provide training and experience; improve community outcomes; and add new partners, including Datadog, Open WebUI, Atlantic Council and OWASP.

On the other hand, GitHub Security Lab invests in GitHub security advisory and Private Vulnerability Reporting (PVR) features to reduce the burden of low-quality reports and help maintainers manage the growing volume of security reports.

ALPHA-OMEGA INITIATIVE

The $12.5 million investment will be managed by the Linux Alpha-Omega Foundation and Open Source Security Foundation (OpenSSF) security initiatives, which seek to develop long-term sustainable security solutions to support open source communities on a global scale.

This collaboration will support sustainable strategies that help maintainers manage increasing security demands, while improving the overall resilience of the open source ecosystem.

“Alpha-Omega was founded on the idea that open source security should be normal and achievable. By funding audits and integrating security experts directly into the ecosystem, we have shown that targeted investment works,” said Alpha-Omega co-founder Michael Winser in a statement on the foundation’s website.