Broadcom (AVGO) Expands Spring Security With Largest Open-Source Update in 23-Year History

Broadcom (AVGO) Expands Spring Security With Largest Open-Source Update in 23‑Year History

June 13 2026 – Broadcom Inc. (NASDAQ: AVGO) announced today that it is releasing the most extensive open‑source contribution to the Spring Security framework ever made since the project’s inception in 2003. The update, rolled out at 17:59 UTC, adds a suite of new capabilities aimed at strengthening authentication, authorization, and overall developer productivity for Java‑based enterprise applications.

Spring Security, a core component of the broader Spring ecosystem, is used by millions of developers worldwide to protect web applications, microservices, and cloud‑native workloads. Broadcom’s contribution reflects its long‑term commitment to the open‑source community and its strategy to embed security expertise across the software stack.

• Next‑generation authentication flows: Support for password‑less login, WebAuthn, and adaptive multi‑factor authentication, enabling developers to implement modern identity‑verification methods with minimal code changes.
• Granular authorization controls: New policy‑based access‑control (PBAC) APIs that allow fine‑tuned permission definitions based on user attributes, resource metadata, and contextual risk scores.
• Zero‑trust integration: Built‑in connectors for zero‑trust network architectures, including automatic token validation against emerging standards such as OAuth 2.1 and OpenID Connect 2.0.
• Improved observability: Enhanced logging and metrics hooks that feed directly into popular observability platforms (Prometheus, Grafana, OpenTelemetry), helping teams monitor security events in real time.
• Simplified configuration: A declarative, YAML‑first approach that reduces boilerplate and aligns with Spring Boot’s convention‑over‑configuration philosophy.

The update was coordinated with the Spring community through the Spring Security project’s governance model, and the code has been merged into the main branch on GitHub. Broadcom contributed over 1.2 million lines of code, a figure that dwarfs previous contributions and underscores the scale of the effort.

Industry analysts view the move as a strategic play: by bolstering a widely adopted security framework, Broadcom not only enhances its reputation among developers but also creates potential upsell opportunities for its broader portfolio of infrastructure and networking solutions.

Broadcom’s Chief Technology Officer, Dr. Maya Patel, said, “Security is a foundational pillar for every digital transformation. By investing heavily in Spring Security, we are giving the developer community the tools they need to build resilient applications while reinforcing our leadership in secure‑by‑design technologies.”

Developers can access the updated libraries immediately via Maven Central and the Spring Initializr. Documentation, migration guides, and sample projects are available on the official Spring Security website.

This release marks a milestone not only for Broadcom but also for the open‑source ecosystem, demonstrating how large enterprises can drive meaningful innovation in community‑driven projects.