 organizations, open sources to enable that. But the other side of that is that we do have some challenges. I do have, with any software, in terms of vulnerabilities. And the software supply chain is under attack. So this is a diagram to take from Solstice, where we're familiar with this. I've only got 20 minutes to go, so I'm going to go. But we know there are challenges in terms of band and entities by the past COVID reviews, et cetera, et cetera. So I'm not going to go in that way. But there are definitely challenges. And those have led to some significant challenges, significant outages, ransomware, et cetera, headlines, and in this business you know, it's an everyday occurrence. And actually, the long-term shell, which I'll talk a little about later, was a real central moment in terms of realizing how important that source software is and what we should be doing in terms of securing the software supply chain. So right now, why is this important? What we're doing is that we are at a central age. So open source flows through software supply chains into every application, whether you know it or you don't know that it's there. Security is critical. So we've developed trillions of dollars. I'm a political foundation. I'm a leader of two projects, I believe, of MSSF, but there's many other projects. And I have this trillions of dollars of innovation, shared innovations happen. So we need to protect the shared software, bring shared responsibility. That's what I said. It's a community activity. That's what we're doing at MSSF. And by the way, versus our winning, so there's increased tax output. You mentioned the other slide. I read that 700% increases every year in terms of supply chain and tax on open source. And government violence action, I'm going to talk specifically about an activity that was written initially by the White House around public policy and see and basically helping industry in terms of what they have to do. So to put it in a nutshell of what we need to do, we need to prove what we need to prove from a network security, which is kind of the standard for everything, to some kind of system security. So what we expect to do, to measure the trustworthiness code based on objective measures, so that we can get something outsourced to how we trust it wasn't objective standard, but that is trustworthy or not within some kind of network. Processes that encourage better security practices by developers. So how can we get developers involved? And to also process the courage to let them share responsibility for security. And add my defaults. This should be defaulted in everything that everyone does. It should be in how open source is built and used in order to make it secure. So it's where the organization that 100% of the open source security foundation comes, I'm not sure if it's the chapter of the last slide. The chat GVT. We're going to go into the chat and you can say that the next foundation to establish this organization in 2019, the OpenSSF is a global initiative securing investment resources and expertise to measure and improve the security open source software and the software supply term. And we bring together cybersecurity and open source software leaders building an array of different technology initiatives to help with this course. Particularly around open source software, security software, open specifications, and open red education resources. I'm going to touch on some of those within my next 12 minutes. And other products and activities that build cybersecurity capacity and reduce global cyber security and security risks. These are our members. We have a very strong support. These are our premium members. We'll actually be going for just over a few years and we kind of get in the middle of the pandemic, right? So we have a very strong support from the likes of AWS, from Google, by Dewey, the Bank of Melbourne, or I think Joe, thank you more than IBM, and I think you know most of these organizations, right? And this is just a great list. These are our premium members. We also have a long list of our general and associate members from many, many different types of institutions, like Coindescent, Goldman Sachs, and I'll just pick up two here. There's Candace, who came, who are a startup here, who are at Singapore, and also we have Nanyang, a technology university that's one of our associate members as well. And it's just a great list. So if you want to come in, I'll come and talk to you. Associates are kind of non-profits and governments, and as a gentleman there's our corporate. This is how we look. We have a governing board, we have a community, we have different organizations that come off those, and we have a bunch of user groups, so I'm going to go through very quickly, but I see you to go, I'll get help, go to OpenSSF, and you can go have a look, and get involved in this four, four for our community, right? And we have two other kind of key projects out for Amiga, I'm going to talk a little about, and six for two kind of key projects so this is our OpenSSF working groups, we have a best practices work group, and these are all available, you can record on YouTube, all the meetings, it's all military, it's all available, obviously I live in Hong Kong, we're on the wrong side of the planet sometimes, a lot of these different time zones that I would like to do and I'm very open to see what else we can do here to assist and do other things within this time zone, and that's what I'm working with, so best practices, best practices for our school, our MFA, distribution to some of the key projects, we have a bunch of training, vulnerability disclosures, we've had a great guide to coordinated vulnerability disclosure, but that's all software projects, we've had a lot of day, Ali then distributed, and there was some challenges with the way that came out, but we'll make that more clear and explicit, and that's with everything, to this improvement, identify security threats, security tooling, supply chain, so there's salsa, many of you know about salsa, that came from Google, so that's a framework for doing some sort of supply chain, and we have securing critical projects, as we know in millions of projects to get, there's what we should be looking at, and which ones we should be helping, and many associated projects, so I'm going to go very, very quickly. So this is the AlphaMe project, Alpha, I don't know that we have, so we'll do two sides, Alpha, there's a top, 20 projects to see reporting, giving money, help Python, query Node.js, help building maturity capacity for compare and response to security issues. Amiga, we're working on scanning the other, the next 10,000 projects, so this is a project originally by, I think it was Google, and Microsoft, a lot of AWS for funding this, so that's one project, we have a lot of training, we've got two minutes, and by the way, we're not just open source software, we're all software, so this is, I'm sitting down, I have to be open source software, so please don't have a look at that. I'd like to take you a little bit into some of the things we've done, at the end of the year, or after a lot of the day, and in terms of raising the AWS, so as you all know, in 2021, we had a lot of check, I broke the internet, so deep down inside, so basic, it was a issue for everyone, so basically the White House called in, led by other agencies, because it's open source cloud infrastructure companies, so like Google's AWS, AWS is some of the big banks, and AWS Foundation, and OpenSSF, they're actually software foundation, and I think the kind of message was, this isn't the new north end. Hopefully not, hopefully not, so the answer is, no, of course not, so as an industry, how do we collaborate to help open source software, which now mostly possesses software that becomes secure, I don't know, so this is a, we are in the usual place for this now, and I need a few minutes to talk about it, but we've talked about three different areas, so software production might help developers have better tools to build better software, second, to improve cloud availability, discovery, so let's go out and find more, there's many tools, maybe we should have better tools, and we'll mediation, if we do find that out, and then the third area, the short ecosystem patching, it's possible, really that's not, that's not, we'd make sure that we know patching is a program, so the three kind of roles that I identified in the meeting that happened at the White House, and now that we've developed the source security mobilization function, so first, we'll address, you've got to look at this, you might have slides all the way, I'm happy to take you through it, and we're along with our coming war on my expert community, we define this kind of about 150 million of funding, but we have that, we've got BC, we've got the kind of ground one, this is about community, and these are 10 different areas, baseline security software development, so education, after the education we have, more of the university, so help education, the risk assessment, that's what I was saying, digital signatures, the liberal arts processing, this is all about expanding and requesting more memory-safe language, meeting the rest, etc, I talked to somebody about doing that yesterday, open source security incident response team, trying to help projects, and you know, respond everywhere, I don't have time to go through it all, there's a lot of detail, I'm happy to go through the global effort working on this, we then launched this last year at a cross-section of developers, commercially, and with the federal agencies in the West, we're reviewing the plan to get up to a high level, and we actually got some funding from Vice-Councilor Eric and Google, Intel Microsoft doing that, some of this has been started to work with that government, or it's been done in a very open fashion, but how do we spend that money? People like Cobra usually write for some of the top projects, so I don't have time to do that, but also in Asia Pacific we did this in Japan as well with the agencies, and looking with a big impact on increasingly government to help facilitate that, and also with open source communities around the world, so I'm not going to go through this, I'll go through this, but I think there's another time, here it is again, so a hundred and fifty million is a lot of money, it's not really worth it for the damage, I'm clocked for J, I think it's a lot of money, but just one instance, the Equifax, that was seven of it was fine for one, now, this is a huge benefit, but they take important action against business that fell to a lot of the J, so many other examples, so in my last five minutes, I really want to say that we have lots of information, we have talent, this is a breakout hall we had with Michael and other organizations, we talked about updating with S1, so even if you're on the same time, so we can do stuff here, I would also like to do webinars with our experts here, so we can talk about this in our time, so maybe some things can come out of this part of the world, so it's very open, it's all available to everybody, I'm almost in meetups, we've done a lot here in Singapore already, we've done a lot in the Scantas, I'll just do that for all my meter in around three quarters here, which everyone's welcome to come on to, and we'll start kind of engaging, we have a Slack group, we've seen some more already than in Tokyo, something Bangalore and we shall continue doing that and everyone is welcome to get involved with the volunteers, people get involved to help support this effort. So that's it, you can visit our home, you can join as a member company, you can be a corporate, as an individual, you can just get involved, Slack channels, mailing lists, working groups, all are welcome, and I'm always available on LinkedIn, Telegram, Slack, Line, WeChat, I'm everywhere, so we are always welcome to help you, so they will thank you, I think we've got one on the left.