security

White House meets with top software executives to talk security – CNET


white-house

The White House and tech executives are working to boost open-source software security.


White House

Top executives from some of the world’s largest tech companies met with White House officials Thursday to discuss ways to boost the security of the open-source software behind everything from consumer gadgets to massive industrial systems.

The White House said that those who participated, which included representatives from the likes of Apple, Google, Microsoft and Amazon, had a “substantive and constructive” discussion. It added that talks will continue over the coming weeks.

The meeting came in the wake of last month’s discovery of Log4j, a massive security flaw in the popular open-source Java-logging library Apache Log4j. If left unpatched or otherwise unfixed, the bug could be exploited by cyber attackers, posing risks for huge swaths of the internet.

Thursday’s discussion focused on how to prevent security vulnerabilities in open-source software, as well as how to improve the process for finding and fixing bugs and how to speed up the patching process, the White House said.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, has said that the sheer scope of Log4j, which affects tens-of million of internet-connected devices, makes it the most serious she’s seen in her career.

As of Monday, no federal agencies had been compromised as a result of the bug and no major cyberattacks had been reported in the US. Most of the attempts to exploit the bug, so far, have been focused on low-level crypto mining or attempts to draw devices into botnets, according to Easterly.



READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.