AI Agent & Copilot
  • Home
  • Exclusives
  • Podcast
  • Microsoft Analysis
  • Reports
  • Events
    • 2026 Event
    • Event Videos
  • Tech Analysts
  • Summit NA
  • Partner Executive Summit
  • AI Agent & Copilot Summit
AI Agent & Copilot
  • Exclusives
  • Podcast
  • Microsoft Analysis
  • Reports
  • Events
    • 2026 Event
    • Event Videos
  • Tech Analysts
  • Login / Join

    A confirmation code will be emailed when setting up your account or resetting your password—check spam if needed.no-reply@dynamicscommunities.com

AI Agent & Copilot
  • Login / Join

    A confirmation code will be emailed when setting up your account or resetting your password—check spam if needed.no-reply@dynamicscommunities.com

Home » AI Giants – and Giant Customers – Flex Muscle to Protect Open-Source Software from AI Exploits
AI and Copilots

AI Giants – and Giant Customers – Flex Muscle to Protect Open-Source Software from AI Exploits

Tom SmithBy Tom SmithJune 30, 2026Updated:June 30, 20263 Mins Read
Facebook Twitter LinkedIn Email
Share
Facebook Twitter LinkedIn Email

Software industry leaders recognize the expanding threat posed by use of AI to identify and exploit security vulnerabilities, particularly in open-source software.

So a range of AI and security leaders, as well as prominent customer organizations, are banding together to combat AI-powered exploits while working together on disclosure, responses, and development of hardened open-source software to prevent or mitigate AI-driven attacks.

Those leaders have launched an initiative called Akrites under the auspices of the Linux Foundation, with the objective of coordinating remediation of vulnerabilities in open-source software with those maintaining the software before vulnerabilities can be exploited.

Akrites’ backers lend considerable weight to the initiative; they include Anthropic, Google, Microsoft, NVIDIA, and OpenAI, as well as large customers including Citi and JPMorganChase. See the full list of backers.

Critical Software

In launching Akrites, the Linux Foundation – which is also shepherding the critical Model Context Protocol (MCP) interoperability spec for AI – noted the importance of open-source software in today’s digital economy; it underpins core systems in banking, energy, healthcare, telecommunications, and transportation.

JPMorganChase views Akrites as “a mechanism that enables downstream operators of critical infrastructure so that fixes reach real systems before adversaries can turn disclosures into exploits,” said Pat Opet, the bank’s Chief Information Security Officer, who has openly called for greater security controls in the AI era.

Opet added, “And upstream, we owe maintainers a single, reliable signal: confirmed vulnerabilities, well-tested proposed fixes, and a predictable partner they can trust, rather than a flood of duplicative, conflicting reports.”

Akrites aims to fix precisely the issues that Opet calls out. Today, security response involves a patchwork of organizations working on the same problems in silos or flooding maintainers of open-source software with sometimes duplicate reports. Akrites changes that model: it’s a unified source to coordinate, disclose, and remediate security vulnerabilities. Leaders are pledging to work with critical infrastructure providers to support patch deployment before vulnerable systems can be targeted.

“The existing model for coordinated disclosure has been outpaced by how quickly AI can now find vulnerabilities. Getting ahead of that requires the industry to coordinate on findings and get fixes upstream before they’re disclosed and exploited,” said Jason Clinton, Deputy Chief Information Security Officer at Anthropic. “Efforts like Akrites drive this level of coordination at the scale and speed this moment requires.”

Akrites backers pledge to do the work with confidentiality: bug fixes will flow back into each project’s original home, on maintainers’ terms. Where a critical program has no active maintainer, Akrites will serve as maintainer of last resort so fixes to the latest version propagate in a timely fashion. They also said they will coordinate with government efforts so public and private defenders move together.

“Microsoft and GitHub will contribute expertise, resources, and AI technologies to help responsibly identify and fix vulnerabilities across the open source software ecosystem that customers and organizations depend on,” said Mark Russinovich, Azure Chief Technology Officer, Deputy Chief Information Security Officer and Technical Fellow at Microsoft.

A directed fund of the Linux Foundation, called Alpha-Omega, will provide seed funding to support Akrites. Other organizations that contribute engineering resources or funding to the security of critical open source are invited to participate. More information is available at the Akrites website.

Related Insights on AI Threats and Security

  • Report Underscores The AI Imperative in Combating Automated Attacks
  • Security Leaders Ramp Up Agentic Use Case While Protecting Against Shadow AI
  • Microsoft Taps Power of AI to Expand Breadth, Depth of Security Investigations

For a 36-Hour Immersion into the FY27 Priorities that define Partner Success in the AI Era, join us at the AI Business Solutions Partner Executive Summit, running July 22-23, 2026, in Bellevue, Washington. Register today.

ai ai agent copilot featured Google Cloud governance Microsoft Nvidia OpenAI security
Share. Facebook Twitter LinkedIn Email
Analystuser

Tom Smith

Analyst
Cloud Wars, Agent and Copilot

Areas of Expertise
  • LinkedIn

  Contact Tom Smith ...

Related Posts

Event Moment: Dona Sarkar Says AI Hasn’t Had Its Netflix Moment Yet

July 1, 2026

Event Moment: Sachin Gandhi on the Expanding Enterprise Agent Ecosystem

June 29, 2026

Event Moment: AI Adoption Fails When Technology Outruns the Use Case

June 26, 2026

With Agent 365 Skills, Microsoft Accelerates Rollout of Governed Enterprise-Grade Agents

June 26, 2026
Add A Comment

Comments are closed.

Community Summit NA 2026

Gaylord Opryland Resort
      Nashville, TN
October 11–15, 2026

The largest independent Microsoft AI & Business Applications User Conference on the planet. Four days of big ideas, education, training, networking and more to define your relevance in the AI era. Register Now

Recent Posts
  • Event Moment: Dona Sarkar Says AI Hasn’t Had Its Netflix Moment Yet
  • AI Giants – and Giant Customers – Flex Muscle to Protect Open-Source Software from AI Exploits
  • Event Moment: Sachin Gandhi on the Expanding Enterprise Agent Ecosystem
  • Event Moment: AI Adoption Fails When Technology Outruns the Use Case
  • With Agent 365 Skills, Microsoft Accelerates Rollout of Governed Enterprise-Grade Agents

  • Newsletter
  • Event Sessions
  • AI Reports
  • Exclusive Interviews

Join Today

Advertisement
AI Agent & Copilot
  • Home
  • Privacy Policy
  • Contact Us
  • AI Agent & Copilot Summit
© 2026 AI Agent and Copilot

Type above and press Enter to search. Press Esc to cancel.