Linux Foundation Launches Akrites, a Shared Security Incident Response Team for Open Source Vulnerability Coordination
Summary
The Linux Foundation has launched Akrites, a new open source security initiative that establishes a shared Security Incident Response Team (SIRT) to coordinate the discovery, patching, and coordinated public disclosure of security vulnerabilities in open source software. The project provides tools and channels for reporting and validating vulnerabilities before public disclosure. It is backed by major industry players including Anthropic, AWS, Google, Microsoft, NVIDIA, OpenAI, Red Hat, and others. Seed funding comes from Alpha-Omega, and the initiative aligns with prior efforts like Chainguard's Athena. Akrites aims to reduce uncoordinated vulnerability reports and work with critical infrastructure to deploy fixes before exploitation. The Linux Foundation emphasizes measuring success by patch deployment rather than publication, noting that adversaries can use AI to reverse engineer vulnerabilities and develop exploits after patches are released.
Source
Key quotes
· 3 pulledAkrites is a Linux Foundation initiative that forms a shared Security Incident Response Team to coordinate discovery, patching, and public disclosure of open source software security defects.
Akrites aims to create a confidential trusted disclosure partner, reduce hundreds of uncoordinated reports, and work with critical infrastructure to deploy fixes before in-the-wild exploitation.
The Linux Foundation says success will be measured by patch deployment rather than publication because adversaries can use AI to reverse engineer vulnerabilities, develop exploits, and attack after patches are released.
You might also wanna read
Open Letter: Launch of Akrites — A Coordinated Effort to Defend Open Source Software Vulnerabilities
An open letter from the technology industry announcing the launch of Akrites, a coordinated effort to remediate vulnerabilities in open sour
Open Letter: Launch of Akrites — A Coordinated Effort to Defend Open Source Software Vulnerabilities
An open letter from the technology industry announcing the launch of Akrites, a coordinated effort to remediate vulnerabilities in open sour
Open Letter: Launch of Akrites — A Coordinated Effort to Defend Open Source Software Vulnerabilities
An open letter from the technology industry announcing the launch of Akrites, a coordinated effort to remediate vulnerabilities in open sour
Census II Report on Open Source Software
Major AI Companies Launch Agentic AI Foundation to Advance Open Source Agentic AI
Major AI companies including Block, Anthropic, and OpenAI have launched the Agentic AI Foundation (AAIF), a vendor-neutral non-profit organi
I am at the Linux Foundation!
FOSS Contributor Survey
Singularity: An Open-Source Rootkit for Linux Security Research
The article discusses the development of Singularity, an open-source rootkit for Linux systems created by Matheus Alves. It addresses the ir

Comments
Sign in to join the conversation.
No comments yet. Be the first.