Tech Coalition 'Athena' Targets OSS Vulnerabilities Ahead of Disclosure

Over two dozen fintech and technology organizations have formed a coalition to secure open source software (OSS) from accelerated, AI-driven exploitation.

Named Athena, it has gathered industry leaders such as BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTM, PwC, and more, under a shared goal: to find vulnerabilities in OSS and to triage, fix, and protect against their exploitation even before patches arrive.

Each member adds capability that others cannot provide, ranging from pre-disclosure findings to extended protections across layers the exploits traverse, security patches, and means to deliver fixes at scale.

Athena relies on a shared, active platform that stacks multiple layers of protection, pooling and correlating findings from each member, to provide coverage until an upstream fix is available.

By design, a significant part of Athena’s impact is invisible, as mitigations are meant to address weaknesses before they become public knowledge, to protect libraries that are widely used across tech companies’ products and critical infrastructure systems.