The Linux Foundation announced $12.5 million in grants to help support significant open source projects and solutions that strengthen security. The grant funding was donated by Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft and OpenAI.
The funds will be distributed by the Alpha-Omega project and the OpenSSF organization, both created under the auspices of the Linux Foundation to work in areas such as auditing and testing the security of open source software, coordinated disclosure of vulnerability information, distribution of patches, development of security tools, publication of best practices for secure development, and identification of security threats in open source software.
The allocated funds will give maintainers additional resources as security grows more complex, vulnerabilities are identified faster, and the flow of new vulnerability reports increases because of the use of actively developing AI tools. Maintainers have recently faced an influx of vulnerability reports, many of them automatically generated, without the resources and tools needed to effectively troubleshoot and resolve such issues.
Alpha-Omega and OpenSSF will work directly with the communities and developers involved in maintaining open source projects to develop new security tools that fit into existing open source software workflows. The initiative will also shape strategies to help maintainers cope with increasing security demands and improve the overall resilience of the open source ecosystem.