Navigation
Recherche
|
Eclipse Foundation announces collaboration for CRA compliance
vendredi 5 avril 2024, 16:34 , par LWN.net
The Eclipse Foundation, the organization
behind the Eclipse IDE and many other software projects, announced a collaboration between several different open-source-software foundations to create a specification describing secure software development best practices. This work is motivated by the European Union's Cyber Resilience Act (CRA). The leading open source communities and foundations have for years developed and practised secure software development processes. These are processes that have often defined or set industry best practices around things such as coordinated disclosure, peer review, and release processes. These processes have been documented by each of these communities, albeit sometimes using different terminology and approaches. We hypothesise that the cybersecurity process technical documentation that already exists amongst the open source communities can provide a useful starting point for developing the cybersecurity processes required for regulatory compliance. (Thanks to Martin Michlmayr.)
https://lwn.net/Articles/968566/
|
56 sources (32 en français)
Date Actuelle
ven. 22 nov. - 02:34 CET
|