Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Collaborate on capabilities and best practices that secure open source software.

Start a Conversation

Participate in the latest community conversations and engage with experts.

Take Security Training

Take free courses on secure coding practices as part of our certificate program.

Read our Security Guides

Explore our helpful security guides to help secure your project from the start.

Featured Projects

OpenSSF Scorecard

Assess open source projects for security risks through a series of automated checks.

Learn More

OSPS Baseline

Structured security requirements aligned with international frameworks, standards, and regulations.

Learn More

Sigstore

sigstore is a standard for signing, verifying, and protecting software.

Learn More

SLSA

Safeguarding artifact integrity across any software supply chain.

Learn More

What’s in the SOSS? Podcast

Listen on Apple Podcasts Listen on Spotify Listen on Overcast Listen on Pocket Casts

OpenSSF Hosted Events

OpenSSF events are a great opportunity to get involved with the OpenSSF community across the security and open source ecosystem. Join us and share ideas, progress, and collaborate on securing open source software.

Read the Latest Reports From OpenSSF

Secure Open Source Software Vision Brief 2025

2024 Annual Report

Alpha-Omega 2024 Annual Report

Recent Blog Posts

VIEW ALL BLOGS →

Blog Guest Blog

April 23, 2025

Vulnerability Enumeration Conundrum – an Open Source Perspective on CVE and CWE

In recent days, the vulnerability management ecosystem has experienced shocking news that the de facto standard used throughout industry and upstream, the CVE & CWE Programs, were unexpectedly being defunded…

OpenSSF

Love0

April 16, 2025

NEW FREE COURSE: Understanding the EU Cyber Resilience Act (CRA) (LFEL1001)

By Linux Foundation Education, see original blog. Quickly Grasp the Key Requirements of the CRA with this Express Learning Video Course OpenSSF and Linux Foundation Education have announced the launch of Understanding the EU…

OpenSSF

Love0

Blog

April 14, 2025

Key Takeaways from VulnCon 2025: Insights from the OpenSSF Community

By Christopher Robinson (CRob), Chief Security Architect, OpenSSF VulnCon 2025 has once again proven to be an essential gathering for security professionals, fostering collaboration, innovation, and progress in vulnerability management.…

OpenSSF

Love0

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

Join the growing list of organizations supporting the advancement of securing open source technology and funding the development and adoption of OpenSSF initiatives.

Explore Membership in OpenSSF

Mastodon

Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

Featured Projects

OpenSSF Scorecard

OSPS Baseline

Sigstore

SLSA

What’s in the SOSS? Podcast

OpenSSF Hosted Events

Read the Latest Reports From OpenSSF

Recent Blog Posts

VIEW ALL BLOGS →

Vulnerability Enumeration Conundrum – an Open Source Perspective on CVE and CWE

NEW FREE COURSE: Understanding the EU Cyber Resilience Act (CRA) (LFEL1001)

Key Takeaways from VulnCon 2025: Insights from the OpenSSF Community

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

Featured Projects

OpenSSF Scorecard

OSPS Baseline

Sigstore

SLSA

What’s in the SOSS? Podcast

OpenSSF Hosted Events

Read the Latest Reports From OpenSSF

Recent Blog Posts

VIEW ALL BLOGS →

Vulnerability Enumeration Conundrum – an Open Source Perspective on CVE and CWE

NEW FREE COURSE: Understanding the EU Cyber Resilience Act (CRA) (LFEL1001)

Key Takeaways from VulnCon 2025: Insights from the OpenSSF Community

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox