Linux security certification process up and running
The Linux community is adopting a professional certification approach to security. Individual projects can apply for certification and if they pass certain criteria and tests, they receive a badge that will let potential users know that project is following security best practices.
This is an especially great idea for corporate Linux users that require certifications for everything.
FTA:
Back in August 2015, the Linux Foundation Core Infrastructure Initiative (CII) announced a new badging effort to help open-source projects with security best practices. On May 3, the first groups to achieve the security badge were formally announced, and they include Curl, GitLab, OpenBlox, OpenSSL, Node.js, Zephyr and the Linux kernel.
To earn a badge, projects must comply with a set of security best practices as outlined in the CII Best Practices Badge GitHub repository. Most of the items are either automatically verified—for example, providing encrypted access to a repository—or obvious, such as providing good release notes, according to Dan Kohn, senior adviser to CII and the Linux Foundation...
http://www.eweek.com/security/linux-foundation-advances-security-efforts-via-badging-program.html
No comments:
Post a Comment