ONCD releases request for information on next steps for federal open-source software efforts

The Office of the National Cyber Director is leading an effort to determine how the federal government should focus its resources to address open-source software security issues and wants feedback on next steps in a new request for information.

The Open-Source Software Security Initiative (OS3I) was established in 2021 following the “aftermath” of the Log4j software vulnerability, according to the RFI. OS3I is an interagency project with several agencies working together to “identify open-source software security priorities and implement policy...