Open source organizations call for ONCD to prioritize memory safety, developer education in interagency initiative

The Office of the National Cyber Director should focus on boosting the adoption of memory-safe programming languages and eliminating classes of vulnerabilities at scale, according to organizations focused on open source software who submitted comments to a request for information on the interagency Open-Source Software Security Initiative.

ONCD issued an RFI in August 2023 on OS3I, which was established following the discovery of the Log4j vulnerability. The RFI offers five potential areas of focus and several sub-areas for exploration...