Billions of people rely on an Internet built on open source software — which is software anyone can use — but that reliance only works if the software beneath it is secure. That’s why for over 20 years, Google has championed open source by supporting the developers who secure it — fueling initiatives like Google Summer of Code and bug-hunting programs that discover and fix more vulnerabilities.
Today, as a founding member of the Linux Foundation’s Alpha-Omega Project, we’re pledging $12.5 million collectively with Amazon, Anthropic, Microsoft/GitHub and OpenAI to further invest in the stability and security of the open source community. The funding, managed by Alpha-Omega and OpenSSF, will help maintainers stay ahead of a new generation of AI-driven threats, move security beyond vulnerability discovery to actually deploying fixes, and put advanced security tools directly into maintainers’ hands, to turn a flood of AI-generated findings into fast action.
In addition to its industry-wide commitments, Google is dedicated to helping the open source community to outpace evolving threats and tip the scales in favor of the defenders by providing advanced AI tools for wider use.
Internally, Big Sleep and CodeMender, both AI-powered tools from Google DeepMind, have already shown incredible success in helping us protect our own systems, demonstrating that AI can autonomously find and fix deep, exploitable vulnerabilities in systems as complex as the Chrome browser. We’re also extending research initiatives like Sec-Gemini to open source projects (interest form). These breakthroughs show the transformational potential of AI to secure the wider open source ecosystem.
Open source is the backbone of the modern web, and we’re proud to support the maintainers who secure it to move faster, stay safer and continue building the future.
