Google announced the general availability of its Assured Open Source Software, a service designed to help protect open source supply chains.
Open source software use has risen dramatically in recent years, making it a prime target for bad actors. Supply chains are particularly appealing, since injecting malicious code in a popular library or API can potentially infect thousands of targets.
Google has been working to improve open source supply chain security, with its Assured OSS service.
“Building on Google’s efforts to improve OSS security, we are announcing the general availability of the Assured Open Source Software (Assured OSS) service for Java and Python ecosystems,” writes Andy Chang, Group Product Manager, Security & Privacy. “Available today at no cost, Assured OSS gives any organization that uses open source software the opportunity to leverage the security and experience Google applies to open source dependencies by incorporating the same OSS packages that Google secures and uses into their own developer workflows. “
Developers and companies can get started with Google’s onboarding form.