Strengthening the security of open-source software has become a significant challenge for governments, given the informal and ubiquitous nature of this community. Yet this is a crucial component of the US government’s efforts to promote security by design across software more generally, thereby reducing vulnerability exploitation and supply chain incidents.

Source: Infosecurity