Canonical, the company behind Ubuntu, has announced the creation of the Ubuntu Security Research Alliance Program, a free initiative aimed at strengthening security in the open-source software ecosystem. This program establishes a collaboration between Canonical and organizations specializing in vulnerability scanning, with the goal of improving the transparency, accuracy, and usefulness of information about vulnerabilities.
A Step Forward in Ubuntu Security
The new program aims to provide clearer and more actionable data on vulnerabilities present in Ubuntu and other open-source software packages. According to Canonical, this collaboration will enable more proactive detection of threats and will help Ubuntu users implement more effective solutions to protect their systems.
Lech Sandecki, Product Manager at Canonical, noted: “Ubuntu is more than an operating system; it’s a gateway to the open-source ecosystem. With this alliance, we want to make that experience more reliable by offering more precise and actionable outcomes to users employing security scanning tools.”
Benefits for the Open-Source Community
The program is specifically designed for security research providers, such as developers of vulnerability scanning tools. Program members will receive early access to planned changes in Canonical’s tools and processes, as well as roadmaps for Ubuntu.
Key benefits of this alliance include:
- Reduction of False Positives: Scanning tool operators will be able to enhance the accuracy of their reports, reducing unnecessary alerts.
- Actionable Recommendations: Scan results will include clear steps for mitigating vulnerabilities, making remediation easier for system administrators.
- Access to Critical Information: Program members will be able to consult real-time details about vulnerabilities and solutions for all packages within Ubuntu.
Scott Johnson, Vice President of Product Management at Black Duck, emphasized the importance of this initiative: “Securing open-source software is essential for protecting the software supply chain. Together with Canonical, we have strategically worked to provide exceptional visibility and control over Ubuntu components.”
Collaboration with Key Security Players
Canonical has ramped up its security efforts through key partnerships, such as its recent collaboration with the OpenSSF Vulnerability Disclosures Working Group. Thanks to this initiative, Ubuntu Security Notices (USNs) are now available in OSV format, simplifying vulnerability management and enhancing security for users.
Ray Carney, Director of Research at Tenable, stated: “Research alliances facilitate the sharing of intelligence among security teams, reducing the time that malicious actors can exploit newly discovered vulnerabilities. We are excited to work with Canonical on this program to improve the accuracy and actionability of our reports.”
Boosting Open-Source Security
With this new initiative, Canonical reinforces its commitment to leading security in the open-source ecosystem. The Ubuntu Security Research Alliance not only benefits Ubuntu users but also sets a higher standard for the industry, ensuring that scanning tools are more reliable and effective.
About Canonical
Canonical is the publisher of Ubuntu and a leader in open-source solutions across a wide range of sectors, from infrastructure to artificial intelligence. Its client portfolio includes large technology firms, emerging startups, governments, and home users. Through initiatives like the Ubuntu Security Research Alliance, Canonical reaffirms its commitment to security and innovation in open-source software.
via: ubuntu