æva black
@aevavoom
Hacker, opensource geek, public speaker, advocate. Currently works at CISA. All opinions = 💯 mine. 🏍️/🏳️🌈/⚧️
ID:18809935
https://aeva.online/ 09-01-2009 18:35:08
17,2K Tweets
4,7K Followers
986 Following
The XZ Utils compromise highlights the urgent need for software manufacturers to sustain the open source ecosystems they depend on. Read my teammates Jack Cable & æva black's blog on how Cybersecurity and Infrastructure Security Agency is approaching open source with a #SecureByDesign mindset: go.dhs.gov/JHf
CISA advisors Jack Cable and æva black describe in our latest blog how we are responding to the XZ Utils compromise and how every tech manufacturer should take a #SecureByDesign approach to securing open source software: go.dhs.gov/JHf
Public details of the xz hack mirror what so many #opensource maintainers have been worried about because most tech stacks are deeply dependent on volunteerism — so, burn out is a security concern.
Responsible Consumers
must be
Sustainable Contributors
👉After a lot of hard work, I’m excited to announce that Cybersecurity and Infrastructure Security Agency’s Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) is now available on the Federal Register at go.dhs.gov/JbC.