Big tech companies step in to support the open source security ecosystem
Backed by new funding commitments from major technology players, open source security efforts are moving beyond threat identification toward practical solutions for defenders.
The Linux Foundation announced $12.5 million in grant funding backed by Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft, and OpenAI to strengthen open source security.
The funding will be directed through the foundation’s Alpha-Omega Project and the Open Source Security Foundation (OpenSSF).
The initiative aims to address long-standing gaps in how open source software is maintained and protected. Many critical components are developed by small teams or individual contributors, leaving them exposed to vulnerabilities that can affect thousands of downstream applications.
Recently, the maintainer of the open-source tool cURL ended its bug bounty program after being overwhelmed by AI-generated submissions.
“Grant funding alone is not going to help solve the problem that AI tools are causing today on open source security teams,” said Greg Kroah-Hartman of the Linux kernel project. “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.”
The investment will allow Alpha-Omega and OpenSSF to work closely with maintainers and their communities to integrate security tools into existing workflows and make them easier to adopt. The effort also seeks to support long-term approaches that help developers keep up with rising security demands while strengthening the resilience of the open source ecosystem.
Google said its internal AI tools, Big Sleep and CodeMender, developed by DeepMind, have already helped secure its own systems by identifying and fixing complex vulnerabilities, including those in the Chrome browser.
“Open source is the backbone of the modern web, and we support the maintainers who secure it so they can move faster, stay safe and continue building the future,” Google noted.