AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() JFrog joins AWS, Google, Huawei, Meta, Microsoft, and Mozilla at the Platinum level. As part of the company’s investment in the Rust Foundation and ecosystem, JFrog has committed members of its Security Research team to work on the Rust Foundation Security Initiative. JFrog just last week announced it is joining the Rust Foundation at the Platinum level. “We are looking forward to seeing the Rust Foundation’s Security Initiative get started and collaborating on this important work.” “The Rust programming language shows great promise for a more secure global supply chain, and the Rust Foundation is the home for this work,” said Brian Behlendorf, GM, OpenSSF. “We’re learning how to turn money into security,” said Michael Winser and Michael Scovetta, co-directors of the project. Alpha-Omega is funded by Google and Microsoft with a mission of direct engagement to improve the security of OSS projects. As a result, the OpenSSF’s Alpha-Omega Initiative has made a grant to the Rust Foundation to support a dedicated security engineer. The OpenSSF suggested in its 10-Point Open Source Security Mobilization Plan released earlier this year that the industry work to eliminate root causes of many vulnerabilities through the replacement of non-memory-safe languages with Rust and Go. The initiative will also help advocate for security practices across the Rust landscape, including Cargo and Crates.io, and will be a resource for the maintainer community. The first initiative for the new Security Initiative will be to undertake a security audit and threat modeling exercises to identify how security can be economically maintained going forward. These investments from Alpha-Omega and JFrog include dedicated staff resources that will enable the Rust Foundation to create and implement security best practices. We hope to continue to build out the initiative in the coming months and years.” “With the establishment of the Rust Foundation Security Initiative, we will be able to support the broader Rust community with the highest level of security talent and help ensure the reliability of Rust for everyone. “There’s often a misperception that because Rust ensures memory safety that it’s one hundred percent secure, but Rust can be vulnerable just like any other language and warrants proactive measures to protect and sustain it and the community,” said Bec Rumbul, Executive Director at the Rust Foundation. The initiative is being underwritten with generous support from the OpenSSF’s Alpha-Omega Initiative, which partners with open source software projects and maintainers to improve the global software supply chain security, and Rust Foundation’s newest Platinum member JFrog. The new Rust board will feature five board directors from the five founding members, as well as five directors from project leadership.DUBLIN, SeptemThe Rust Foundation, the nonprofit organization dedicated to supporting and sustaining the Rust programming language, today announced it is establishing a security initiative. But with Mozilla's layoffs in recent months, many on the Rust team lost jobs and the future of the language became unclear without a main sponsor, though the project itself has thousands of contributors and a lot of corporate users, so the language itself wasn't going anywhere.Ī large open-source project often needs some kind of guidance, which the new foundation will provide - and it takes a legal entity to manage various aspects of the community, including the trademark, for example. Today, Rust is the most-loved language among developers. Designed by Mozilla Research's Graydon Hore, with contributions from the likes of JavaScript creator Brendan Eich, Rust became the core language for some of the fundamental features of the Firefox browser and its Gecko engine, as well as Mozilla's Servo engine. Rust started as a side project inside of Mozilla to develop an alternative to C/C++. This budget will allow the project to "develop services, programs, and events that will support the Rust project maintainers in building the best possible Rust." AWS, Huawei, Google, Microsoft and Mozilla banded together to launch this new foundation today and put a two-year commitment to a million-dollar budget behind it. Rust - the programming language, not the survival game - now has a new home: the Rust Foundation.
0 Comments
Read More
Leave a Reply. |