Network Computing is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
This week’s KubeCon + CloudNativeCon North America in-person and virtual conference put security for open-source development back in the spotlight while also talking up cloud native’s rapid rise.
Pryanka Sharma, general manager of the Cloud Native Computing Foundation (CNCF), the event host; Jim Zemlin, executive director of the Linux Foundation; and Bryan Behlendorf, general manager of the Open Source Security Foundation (OpenSSF), spoke to analysts and press about the trajectory and scale of cloud native adoption. They also presented ways their teams aim to improve the security dilemmas tied to open-source development in this space.
Sharma said the CNCF, a branch of the Linux Foundation, includes some 114 projects, with more than 138,000 individual contributors from more than 86 countries. The growth of CNCF is naturally tied to the increased appetite for cloud native development and deployment among organizations. “Things are moving really fast for our ecosystem,” she said. “Every company is becoming a technology company and they’re adopting the paradigm of cloud native.”
Open-source cloud native projects that are incubated, graduated, and approved by the CNCF, are ready for enterprise use in production at any scale, Sharma said. “We think they are going to help every company out there with their deployments and workloads.”
The pace of open-source development continues to accelerate, Zemlin said, finding its way into most technology products or services, “Open source now, 30 years into Linux, is the dominant form of how software gets developed,” he said. “It really makes up the bulk of any modern application.”
Open source has driven innovation and fostered efficiency in digital transformation, Zemlin said. It lets organizations focus on proprietary code that is their “secret sauce” for the most vital business needs, he said, while using open frameworks as building blocks for the rest.
Securing open-source code
Big challenges remain ahead for open innovation communities, Zemlin said, so the Linux Foundation raised an additional $10 million for the Open Source Security Foundation, which is rounding out its first year of operation. “We think cybersecurity is one of the most immediate challenges in open source that can be pretty systematically addressed; it will never be perfectly solved,” he said.
Read the rest of this article on InformationWeek.
Secure boot features are typically customizable and capable of being turned on or off by the OEM. The question then arises of which mode should be the default.
Organizations are tacitly agreeing to accept greater risk by moving quickly without equal attention to security. The new normal we heard so much about throughout the pandemic is apparently “insecure by default.”
Zero Trust allows IT professionals to maintain a high level of security despite the extending boundaries of the network perimeter due to the increased use of cloud and remote work.
Implementing a zero-trust network architecture enables enterprises to box in a ransomware attack, limiting the extent to which a fraudster can commandeer data and resources.
In today’s increasingly challenging cyber-attack landscape, overlooking any connected device’s security is a risk to your data and your company’s reputation.
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and head office is 5 Howick Place, London, SW1P 1WG.


You May Also Like

Stop Ignoring Your Records Problem, The Fix May Be Hidden in Plain Sight

For IT, compliance, and legal departments, records management is one of the…