December 2023

Dec 21

Recap of OpenSSF Day Japan

By OpenSSF Blog

As 2023 drew to a close, OpenSSF convened the open source community in Tokyo, Japan, to delve into discussions surrounding the challenges, overarching solutions, ongoing initiatives, and triumphs in fortifying…

Dec 20

OpenVEX and Open Source Vulnerability Scanners: How the Dynamic Duo Improves Vulnerability Management

By OpenSSF Blog, Guest Blog

Open source vulnerability scanners now increasingly support OpenVEX, helping open source users reduce the pain of managing vulnerabilities and the burden of false positives. These new integrations with OpenVEX can…

Dec 19

Deconstructing the AI Cyber Challenge (AIxCC)

By OpenSSF Blog

The AI Cyber Challenge (AIxCC) is structured around two tracks and multiple competitions and events. For a brief overview of AIxCC, watch the video: AI Cyber Challenge Streaming Event. Check…

Dec 19

What’s Next in Open Source Security?

By OpenSSF Blog

As we step into the year 2024, the OpenSSF envisions a year marked by transformative growth, heightened resilience, and new opportunities for individuals and organizations contributing to the flourishing ecosystem…

Dec 18

2023 Year in Review: OpenSSF Publishes Annual Report

By OpenSSF Blog

We are a thriving, diverse, nonstop community. We’re pleased to share with you our annual report for this year, which highlights our many accomplishments throughout 2023 and our plans for…

Dec 16

OpenSSF Expands Support for AI Cyber Challenge (AIxCC)

By OpenSSF AI, Blog

In August 2023, OpenSSF announced our partnership with DARPA, to support the AI Cyber Challenge (AIxCC). We set up a generative AI and autonomy for cybersecurity (GaiaCS) project to support…

Dec 15

Strengthening Cybersecurity: NSA and ESF Partners Advocate Open Source Software Security with SBOM Emphasis

By OpenSSF Blog

In a collective effort to fortify cybersecurity practices and safeguard the software supply chain, the US National Security Agency (NSA), in collaboration with the Office of the Director of National…

Dec 13

Introducing SBOMit: Adding Verification to SBOMs

By OpenSSF Blog

We’re happy to announce the launch of SBOMit – a tool to add in-toto attestations to SBOMs (Software Bills of Material). The SBOMit specification is a SBOM-format independent method for…

Dec 12

OpenSSF End Users Working Group: Representing the Interests of Open Source Software Consumers

By OpenSSF Blog

This month’s spotlight focuses on the OpenSSF End Users Working Group, which aims to ensure that the distinct and impactful voice of end users is heard in the development and…

Dec 11

OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis

By OpenSSF Blog

The OpenSSF has submitted a response to the Software Identification Ecosystem Option Analysis by the US Cybersecurity and Infrastructure Security Agency (CISA). This comes in light of CISA's announcement regarding…

Recap of OpenSSF Day Japan

OpenVEX and Open Source Vulnerability Scanners: How the Dynamic Duo Improves Vulnerability Management

Deconstructing the AI Cyber Challenge (AIxCC)

What’s Next in Open Source Security?

2023 Year in Review: OpenSSF Publishes Annual Report

OpenSSF Expands Support for AI Cyber Challenge (AIxCC)

Strengthening Cybersecurity: NSA and ESF Partners Advocate Open Source Software Security with SBOM Emphasis

Introducing SBOMit: Adding Verification to SBOMs

OpenSSF End Users Working Group: Representing the Interests of Open Source Software Consumers

OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

December 2023

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox