Python Software Foundation, the non-profit organization supporting the Python programming language, has received a $350,000 donation from Google to support some of its projects aimed at enhancing the Python ecosystem’s supply-chain security, reports ZDnet.
Google’s support targets three areas: malware detection for Python Package Index, hiring a Core Python developer-in-residence this year and improvements to core Python tools and services. The funds will be used for “critical supply-chain security improvements, including developing productized malware detection for PyPI, a prototype of dynamic analysis infrastructure for distributions, and other foundational tool improvements,” PSF stated.
The foundation is also set to receive the Google Cloud infrastructure to support its operations.
“Google Cloud has given us access to crucial peering agreements via Cloud Storage that allow us to cost effectively serve PyPI downloads while being good stewards of the limited resources we have from other infrastructure providers. Publishing PyPI's analytics as a public dataset on BigQuery has reduced the burden of supporting and managing access to information that has proven critical to maintainers of libraries as well as the team that keeps PyPI online,” said Ee Durbin, PSF’s director of infrastructure.
Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
Google Cloud recently introduced Community Security Analytics (CSA), a set of open-sourced queries and rules for self-service security analytics geared toward helping security teams detect common cloud-based threats.