White House meets with top software executives to talk security


The White House and tech executives are working to boost open-source software security.

White House

Top executives from some of the world’s largest tech companies met with White House officials Thursday to discuss ways to boost the security of the open-source software behind everything from consumer gadgets to massive industrial systems.

The White House said that those who participated, which included representatives from the likes of Apple, Google, Microsoft and Amazon, had a “substantive and constructive” discussion. It added that talks will continue over the coming weeks.

Get the CNET Home newsletter

Modernize your home with the latest news on smart home products and trends. Delivered Tuesdays and Thursdays.

The meeting came in the wake of last month’s discovery of Log4j, a massive security flaw in the popular open-source Java-logging library Apache Log4j. If left unpatched or otherwise unfixed, the bug could be exploited by cyber attackers, posing risks for huge swaths of the internet.

Thursday’s discussion focused on how to prevent security vulnerabilities in open-source software, as well as how to improve the process for finding and fixing bugs and how to speed up the patching process, the White House said.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, has said that the sheer scope of Log4j, which affects tens-of million of internet-connected devices, makes it the most serious she’s seen in her career.

As of Monday, no federal agencies had been compromised as a result of the bug and no major cyberattacks had been reported in the US. Most of the attempts to exploit the bug, so far, have been focused on low-level crypto mining or attempts to draw devices into botnets, according to Easterly.



Source link

Leave a Reply

Your email address will not be published.