All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
First reported by Hacker News
Open Letter: Launch of Akrites — A Coordinated Effort to Defend Open Source Software Vulnerabilities

Linux Foundation Launches Akrites, a Shared Security Incident Response Team for Open Source Vulnerability Coordination

8d ago· 1 min readenNews

Summary

The Linux Foundation has launched Akrites, a new open source security initiative that establishes a shared Security Incident Response Team (SIRT) to coordinate the discovery, patching, and coordinated public disclosure of security vulnerabilities in open source software. The project provides tools and channels for reporting and validating vulnerabilities before public disclosure. It is backed by major industry players including Anthropic, AWS, Google, Microsoft, NVIDIA, OpenAI, Red Hat, and others. Seed funding comes from Alpha-Omega, and the initiative aligns with prior efforts like Chainguard's Athena. Akrites aims to reduce uncoordinated vulnerability reports and work with critical infrastructure to deploy fixes before exploitation. The Linux Foundation emphasizes measuring success by patch deployment rather than publication, noting that adversaries can use AI to reverse engineer vulnerabilities and develop exploits after patches are released.

Source

bskyLinux Foundation Launches Akrites, a Shared Security Incident Response Team for Open Source Vulnerability Coordinationbriefly.co

Key quotes

· 3 pulled
Akrites is a Linux Foundation initiative that forms a shared Security Incident Response Team to coordinate discovery, patching, and public disclosure of open source software security defects.
Akrites aims to create a confidential trusted disclosure partner, reduce hundreds of uncoordinated reports, and work with critical infrastructure to deploy fixes before in-the-wild exploitation.
The Linux Foundation says success will be measured by patch deployment rather than publication because adversaries can use AI to reverse engineer vulnerabilities, develop exploits, and attack after patches are released.
Snippet from the RSS feed
Akrites is a Linux Foundation initiative that forms a shared Security Incident Response Team to coordinate discovery, patching, and public disclosure of open source software security defects. It provides tools and channels to report, validate, and address

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.