Senate panel advances software security bill to create risk framework for agencies, critical infrastructure

The Senate Homeland Security Committee has approved legislation directing CISA to create a risk framework for agencies and critical infrastructure on securing open source software, in response to the Log4j software vulnerability that was found on federal systems.

“Open source software is critical to our country’s national and economic security, and we must ensure it is secure against cybercriminals seeking to exploit vulnerabilities like the one found in Log4j. Now that this bipartisan bill has advanced in the Senate, I...