As we step into the year 2024, the OpenSSF envisions a year marked by transformative growth, heightened resilience, and new opportunities for individuals and organizations contributing to the flourishing ecosystem…
We are a thriving, diverse, nonstop community. We’re pleased to share with you our annual report for this year, which highlights our many accomplishments throughout 2023 and our plans for…
In August 2023, OpenSSF announced our partnership with DARPA, to support the AI Cyber Challenge (AIxCC). We set up a generative AI and autonomy for cybersecurity (GaiaCS) project to support…
In a collective effort to fortify cybersecurity practices and safeguard the software supply chain, the US National Security Agency (NSA), in collaboration with the Office of the Director of National…
We’re happy to announce the launch of SBOMit – a tool to add in-toto attestations to SBOMs (Software Bills of Material). The SBOMit specification is a SBOM-format independent method for…
This month’s spotlight focuses on the OpenSSF End Users Working Group, which aims to ensure that the distinct and impactful voice of end users is heard in the development and…
The OpenSSF has submitted a response to the Software Identification Ecosystem Option Analysis by the US Cybersecurity and Infrastructure Security Agency (CISA). This comes in light of CISA's announcement regarding…
OpenRefactory is working alongside Alpha-Omega's principals to report security vulnerabilities at scale in open source projects. It works with the maintainers to get the vulnerabilities fixed.
The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), announced new members from leading technology firms and…
Today, we are excited to announce version 1.0 of the Secure Software Development Guiding Principles. These 10 principles describe a series of foundational practices that, if followed, can help provide…