Google announced on Tuesday a new initiative aimed at providing a supply chain of open source software through curatorial and distributing a proven security collection of open source packages to Google Cloud customers. From the report: The new service under the Assured Open Source Software brand was introduced in a post on the company’s blog. In this post, Andy Chang, Google Cloud Security and Privacy Product Manager, pointed out some security issues with open source software and stressed Google’s commitment to open source. “The community of developers, businesses and governments are increasingly aware of the risks of the software supply chain,” Chang wrote, citing last year’s large log4j vulnerability. “Google continues to be one of the largest supporters, contributors and users of open source and is actively involved in helping to make the open source software ecosystem more secure.” According to a Google ad, the Assured Open Source Software service will extend the benefits of Google’s own extensive audit experience to Cloud clients. All open source packages available through the service are also used internally by Google, the company said, and are regularly scanned and analyzed for vulnerabilities.