Office of the National Cyber Director Seeks Public Input on Open-Source Software Security

The White House is seeking public input on securing open-source software development.

In a request for information posted on Thursday, the Office of the National Cyber Director and other agencies asked what areas the federal government should prioritize and what policy and technical barriers should be considered. They also asked how to support efforts to mitigate key open-source software risks and sustain open-source software communities.

Camille Stewart Gloster, ONCD’s deputy national cyber director for technology and ecosystem security, and Eric Goldstein, the Cybersecurity and Infrastructure Security Agency’s executive assistant director of cybersecurity, wrote in a blog post that they aim to normalize creating secure open-source code and regularly checking the security of existing code.

According to Gloster and Goldstein, software makers should contribute to the security of the open-source applications they use.

CISA is planning to release an open-source security strategy in the coming months.

The deadline for comments is on Oct. 9, Nextgov/FCW reported.