New York, USA and Bangalore, India – March 15, 2022: Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading global information technology, consulting and business process services company, announced that it has joined the Open Source Security Foundation (OpenSSF) on the governing board to help address the growing threat to the software supply chain.
The OpenSSF is a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important open source security initiatives to help identify and fix security vulnerabilities in open source software and develop improved tooling, training, research, best practices, and vulnerability disclosure practices. In addition to developing and contributing best practices for secure coding and software components for the projects under the OpenSSF banner, Wipro’s leadership and open source experts will join other members in setting direction through governance and working committees of the foundation.
"We are thrilled to now count Wipro as a key strategic partner in the OpenSSF community," said Brian Behlendorf, General Manager, OpenSSF. "With their massive global technology team building open source software, and their reach across so many critical sectors, they will be tremendously helpful in driving adoption for the specifications, systems, software and content coming from the OpenSSF. In fact, they are already participating!"
“We’re excited to be a member of this important industry initiative and to work with our peers to help ensure the integrity of the global software supply chain”, said Andrew Aitken, Global Open Source Leader, Wipro Limited. “With Board representation from our CTO, Subha Tatavarti, and subject matter experts engaged in all working groups and projects, Wipro is fully committed to helping the industry develop better methods, processes and tools to identify and remediate vulnerabilities. In addition, our goal is to improve and share secure coding best practices with the community to address the growing threat to our software supply chain.”
Wipro’s open source and cybersecurity experts currently contribute to the six key working groups and projects within OpenSSF, engaging with members of the community to build use cases and experience-based insights to expand the scope of future offerings. Among those are:
- Sigstore project (comprised of Cosign, Rektor and Fulcio subprojects) expands current code signing capabilities to support a broader range of pipeline tools and incorporate automation for code signature validation as a standard practice. Wipro’s contribution is to Cosign, where we are building automation scripts for use with popular CICD pipeline tooling to verify code signing of docker containers; Helm Charts, Tekton Bundles, and others, to ensure no tampering or updates were made post creation; and Rektor, where we’ll provide documentation on the use of the Rektor APIs for retrieval of log data to provide appropriate metrics that will help make decisions on the trust, acceptance and validity of the signed metadata in the system.
- SLSA project: is building a security framework, checklist of standards and controls to prevent tampering, improving integrity, and securing packages and infrastructure in projects. Wipro is identifying and testing processes and tools to increase the automation of software supply chain security standards and promote the adoption of the framework in the industry.
Wipro is also engaged in related external projects, including OpenChain (ISO Standard for open source license compliance) and SPDX (ISO Standard for communicating SBOM information). Wipro’s involvement in these projects, combined with its experience working with enterprises across all geographies and industries, brings valuable insights to OpenSSF working groups, especially around Best Practices and Vulnerability Disclosures.
About Wipro Limited
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 220,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future.
Sandeep Deb Varman
The forward-looking statements contained herein represent Wipro’s beliefs regarding future events, many of which are by their nature, inherently uncertain and outside Wipro’s control. Such statements include, but are not limited to, statements regarding Wipro’s growth prospects, its future financial operating results, and its plans, expectations and intentions. Wipro cautions readers that the forward-looking statements contained herein are subject to risks and uncertainties that could cause actual results to differ materially from the results anticipated by such statements. Such risks and uncertainties include, but are not limited to, risks and uncertainties regarding fluctuations in our earnings, revenue and profits, our ability to generate and manage growth, complete proposed corporate actions, intense competition in IT services, our ability to maintain our cost advantage, wage increases in India, our ability to attract and retain highly skilled professionals, time and cost overruns on fixed-price, fixed-time frame contracts, client concentration, restrictions on immigration, our ability to manage our international operations, reduced demand for technology in our key focus areas, disruptions in telecommunication networks, our ability to successfully complete and integrate potential acquisitions, liability for damages on our service contracts, the success of the companies in which we make strategic investments, withdrawal of fiscal governmental incentives, political instability, war, legal restrictions on raising capital or acquiring companies outside India, unauthorized use of our intellectual property and general economic conditions affecting our business and industry. The conditions caused by the COVID-19 pandemic could decrease technology spending, adversely affect demand for our products, affect the rate of customer spending and could adversely affect our customers’ ability or willingness to purchase our offerings, delay prospective customers’ purchasing decisions, adversely impact our ability to provide on-site consulting services and our inability to deliver our customers or delay the provisioning of our offerings, all of which could adversely affect our future sales, operating results and overall financial performance. Our operations may also be negatively affected by a range of external factors related to the COVID-19 pandemic that are not within our control. Additional risks that could affect our future operating results are more fully described in our filings with the United States Securities and Exchange Commission, including, but not limited to, Annual Reports on Form 20-F. These filings are available at www.sec.gov. We may, from time to time, make additional written and oral forward-looking statements, including statements contained in the company’s filings with the Securities and Exchange Commission and our reports to shareholders. We do not undertake to update any forward-looking statement that may be made from time to time by us or on our behalf.