The Linux Foundation (LF) will pay developers to secure Linux and open-source software programs.
David A. Wheeler, Head of Open Source Supply Chain Security at LF, stated that the Linux Foundation funds people directly to do security work.
As soon as a developer recognizes a problem, they reach out to an appropriate LF organization.
A contract will be concluded that briefly describes the problem to be solved and how it should be solved, including the necessary resources and who will solve it.
The proposal will be examined by the appropriate LF technical review point of contact (POC). Progress reports will be drawn up, after which the POC will review the body of work and, where appropriate, the payment will be approved.
The funding in question comes from various pro-Linux and open source organizations such as Google, Microsoft, the Open Source Security Foundation (OpenSSF), the LF Public Health foundation and the Linux Foundation itself.
For more information, read the original story in ZDNet.