Skip to main content

đź“© Stay Updated! Follow us on LinkedIn and join our mailing list for the latest news!

Monthly Archives

February 2024

OpenSSF Week at a Glance – Feb 20

By Newsletter

Announcing the First Ever SOSS Fusion Conference: How You Can Get Involved

Register-Now
We are thrilled to announce the first ever Secure Open Source Software (SOSS) Fusion Conference 2024, a two-day conference hosted by the OpenSSF in Atlanta, GA. Set to take place on October 22-23, 2024, at The Hotel at Avalon, this event is dedicated to Securing Open Source Software (SOSS). The event registration is now open, and we invite you to join this event to contribute to the discussions around open source software security.

 

OpenSSF Participates in Department of Commerce Consortium Dedicated to AI Safety

OpenSSF Participates in Department of Commerce Consortium Dedicated to AI Safety

The Open Source Security Foundation (OpenSSF) is participating in the Biden-Harris Administration’s first-ever Consortium Dedicated to AI Safety, led by the US Department of Commerce. We join over 200 leading artificial intelligence (AI) stakeholders in supporting the development and deployment of trustworthy and safe AI along with other Linux Foundation (LF) projects including LF AI & Data, SPDX, and C2PA. 

 

Linux Kernel Achieves CVE Numbering Authority Status

linuxkernelachievesCVE
The Linux kernel has achieved a significant milestone in open source software security. It has been authorized as a CVE Numbering Authority (CNA) by the CVE Program. Being a CNA enables the Linux kernel team to manage the vulnerabilities with more accuracy and higher quality in the future.  As Linux Foundation Fellow Greg Kroah-Hartman pointed out in his blog: “This announcement is just the first step, allowing us to be the manager of the CVE allocation process for Linux.”

 

Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing

scalingupsupplychainsecurity
In this case study, we will explore how Yahoo leverages Sigstore, in concert with Athenz, an open source platform for managing X.509 certificates, as an internal Certificate Authority, to sign and verify container images.

 

Alpha-Omega 2023 Annual Report

AO-Annual-Report-Blog-Image
In 2023, Alpha-Omega provided ten grants to eight organizations totalling over $2.8 million dollars, with an average grant size of just over $350,000. Together with OpenSSF, Alpha-Omega’s mission is to catalyze sustainable security improvements within the most critical open source projects and ecosystems. Read the blog for key highlights from 2023.

 

In the Headlines

Don’t Forget…

SOSS