OpenSSF

Dec 15

Strengthening Cybersecurity: NSA and ESF Partners Advocate Open Source Software Security with SBOM Emphasis

By OpenSSF Blog

In a collective effort to fortify cybersecurity practices and safeguard the software supply chain, the US National Security Agency (NSA), in collaboration with the Office of the Director of National…

Dec 13

Introducing SBOMit: Adding Verification to SBOMs

By OpenSSF Blog

We’re happy to announce the launch of SBOMit – a tool to add in-toto attestations to SBOMs (Software Bills of Material). The SBOMit specification is a SBOM-format independent method for…

Dec 12

OpenSSF End Users Working Group: Representing the Interests of Open Source Software Consumers

By OpenSSF Blog

This month’s spotlight focuses on the OpenSSF End Users Working Group, which aims to ensure that the distinct and impactful voice of end users is heard in the development and…

Dec 11

OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis

By OpenSSF Blog

The OpenSSF has submitted a response to the Software Identification Ecosystem Option Analysis by the US Cybersecurity and Infrastructure Security Agency (CISA). This comes in light of CISA's announcement regarding…

Dec 05

Finding And Fixing Bugs in Open Source Software at Scale with a Grant from Alpha-Omega

By OpenSSF Alpha-Omega, Blog, Guest Blog

OpenRefactory is working alongside Alpha-Omega's principals to report security vulnerabilities at scale in open source projects. It works with the maintainers to get the vulnerabilities fixed.

Dec 03

OpenSSF Announces New Members, Guiding Software Security Principles at OpenSSF Day Japan

By OpenSSF Blog, Press Release

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), announced new members from leading technology firms and…

Dec 03

OpenSSF Releases Top 10 Secure Software Development Guiding Principles

By OpenSSF Blog

Today, we are excited to announce version 1.0 of the Secure Software Development Guiding Principles. These 10 principles describe a series of foundational practices that, if followed, can help provide…

Nov 29

Strengthening the Fort 🏰: OpenSSF Releases Compiler Options Hardening Guide for C and C++

By OpenSSF Blog

In the fast-changing landscape of cybersecurity, OpenSSF has taken a significant step towards enhancing the security of C and C++ software. This effort addresses a persistent class of software defects…

Nov 28

Cybersecurity in Energy Infrastructure: The Value of Open Source Software

By OpenSSF Blog

LF Energy and OpenSSF released a new whitepaper on how open source software is critical to the innovation and transformation of our energy infrastructure. Contrary to common misconceptions, OSS offers…

Nov 27

OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

By OpenSSF Blog

The Open Source Security Foundation (OpenSSF) is excited to announce a new guide for Open Source projects that are interested in issuing and managing their own CVE IDs through the…

Strengthening Cybersecurity: NSA and ESF Partners Advocate Open Source Software Security with SBOM Emphasis

Introducing SBOMit: Adding Verification to SBOMs

OpenSSF End Users Working Group: Representing the Interests of Open Source Software Consumers

OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis

Finding And Fixing Bugs in Open Source Software at Scale with a Grant from Alpha-Omega

OpenSSF Announces New Members, Guiding Software Security Principles at OpenSSF Day Japan

OpenSSF Releases Top 10 Secure Software Development Guiding Principles

Strengthening the Fort 🏰: OpenSSF Releases Compiler Options Hardening Guide for C and C++

Cybersecurity in Energy Infrastructure: The Value of Open Source Software

OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox