Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
May 30, 2025 |
In Blog
Member Spotlight: Trail of Bits – Driving Open Source Security Through Standards, Prototypes, and Policy
Trail of Bits is a leading cybersecurity research, engineering, and consulting firm that works with some of the most security-conscious organizations in the world—including Facebook, government agencies like DARPA, and prominent cryptocurrency protocols. Founded in 2012, each part of the company focused on open sourcing their work- tools,research, and audits… Read more.
May 21, 2025 |
In Blog
Call for Proposals Now Open for Open Source SecurityCon 2025
We’re thrilled to announce that the Call for Proposals is now open for Open Source SecurityCon, a brand new event hosted by OpenSSF and CNCF, taking place on November 10, 2025, in Atlanta, Georgia. Read more.
May 15, 2025 |
Case Study: Ericsson’s C/C++ Compiler Options Hardening Guide and OpenSSF Collaboration
Ericsson, a global leader in telecommunications and networking, has been deeply engaged in open source and software security for over a decade. Through its Open Source Program Office (OSPO), Ericsson coordinates its participation across multiple foundations and initiatives, including the Open Source Security Foundation (OpenSSF). This case study highlights Ericsson's… Read more.
May 14, 2025 |
Linux Foundation and OpenSSF Release Cybersecurity Skills Framework to Strengthen Enterprise Readiness
New Customizable Global Framework Aligns IT Job Roles with Practical Cybersecurity Skills SAN FRANCISCO, CA – May 14, 2025 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and… Read more.
May 9, 2025 |
In Blog
Call for Proposals for OpenSSF Community Day Europe Open Through 26 May, 2025
Submit your proposal by 26 May, 2025 to Join the Conversation on Open Source Security. The Open Source Security Foundation (OpenSSF) invites you to be part of our upcoming OpenSSF Community Day Europe, happening on Thursday, 28 August in Amsterdam, Netherlands and co-located with Open Source Summit EU! This event… Read more.
May 8, 2025 |
Announcing the Summer 2025 OpenSSF Mentorship Program
Hands-on experience and contributions to open source software (OSS) projects are a major advantage for obtaining a job in software engineering (SWE) and/or cybersecurity. At the same time, mentoring and coaching experiences are increasingly viewed as important leadership skills in tech jobs. Programs like the LFX Mentorship are one way… Read more.
May 7, 2025 |
In Blog
New Guide on Simplifying Software Component Updates
The Open Source Security Foundation (OpenSSF) Best Practices Working Group has released the new guide Simplifying Software Component Updates. This guide gives software producers and consumers practical steps to simplify component compatibility. Applying the principles in this guide will eliminate many vulnerabilities in software. To understand why, it’s necessary to… Read more.
May 6, 2025 |
In Blog
OpenSSF Tech Talk Recap: Using the OSPS Baseline to Navigate Standards and Regulations
On April 24, the Open Source Security Foundation (OpenSSF) hosted a Tech Talk to help open source maintainers, contributors, and organizations better navigate the growing landscape of security standards and regulations. Read more.
Apr 30, 2025 |
In Blog
Recognizing Academic Excellence in Open Source and Secure Software Education
Modern software demands more than technical know-how—it requires a deep understanding of secure, sustainable, and scalable systems. Recognizing this, the Linux Foundation has launched its Academic Computing Accreditation Program, formally recognizing academic programs that align with industry-approved curricula from both the Open Source Security Foundation (OpenSSF) and the Cloud Native… Read more.
Apr 29, 2025 |
OpenSSF Launches Free Course to Prepare Developers for the EU Cyber Resilience Act
SAN FRANCISCO, CA – April 29, 2025 – The Open Source Security Foundation (OpenSSF), in collaboration with LF Education, announces the general availability of LFEL1001, a free online course designed to help software developers understand and prepare for the requirements of the European Union (EU) Cyber Resilience Act (CRA). In… Read more.