The White House will meet with top tech companies Thursday for a summit on open-source security, in the wake of the recently discovered vulnerability in popular open-source logging framework Log4j. Meta, Google, Apple, Amazon, Microsoft, GitHub and The Apache Software Foundation are among the tech outfits planning to attend.
“Open source software has accelerated the pace of innovation and has driven tremendous societal and economic benefits, but the fact that it is broadly used and maintained by volunteers is a combination that is a key national security concern, as we are experiencing with the log4j vulnerability,” a senior administration official said, according to CyberScoop.
Other companies in attendance will include Akamai, Cloudflare, IBM, Linux Open Source Foundation, Oracle, Red Hat and VMware, according to CyberScoop.
In a statement to Protocol, GitHub Chief Security Officer Mike Hanley called the summit "an important step in securing the world’s code together."
"Open-source software underpins the vast majority of the software we all use daily," Hanley said. "Just one or two lines of vulnerable code can have a global ripple effect across the billions of developers and services that rely on it."