OpenSSF

Nov 27

OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

By OpenSSF Blog

The Open Source Security Foundation (OpenSSF) is excited to announce a new guide for Open Source projects that are interested in issuing and managing their own CVE IDs through the…

Nov 21

Love0

Sigstore: Simplifying Code Signing for Open Source Ecosystems

By OpenSSF Blog, Sigstore

This month’s spotlight focuses on the Sigstore project. Digital signatures play a critical role in the software supply chain, by providing verifiable attributes of authentication, integrity, and non-repudiation of artifacts…

Nov 20

Love0

OpenSSF publishes Mission, Vision, Values, and Strategy

By OpenSSF Blog

The open source software (OSS) community is ever-changing, and the security of OSS rapidly evolves in parallel. This requires OpenSSF to regularly re-evaluate our focus and approach to intentionally improve…

Nov 17

Love0

Securing the Software Supply Chain Report Recommends SBOM Consumption Practices for Critical Infrastructure Providers

By OpenSSF Blog

In an era where cyber threats continue to evolve, securing the software supply chain has become paramount for organizations globally. Recognizing the critical need for a robust framework, the US…

Nov 16

Love0

OpenSSF Guest Blog Editorial Review Panel

OpenSSF Kicks Off Guest Blog Editorial Review Panel to Amplify Voices in the Security Community

By OpenSSF Blog

Open source software (OSS) has grown exponentially in its adoption and usage in recent years, making its security a top priority. The Open Source Security Foundation (OpenSSF) recognizes the need…

Nov 15

Love0

Alpha-Omega to Continue Support of Rust Foundation Security Initiative in 2024

By OpenSSF Alpha-Omega, Blog

Today, Alpha-Omega is excited to announce our second year of supporting the Rust Foundation Security Initiative. We believe that this funding will build on the good work and momentum established…

Nov 14

Love0

OpenSSF Supports oss-security and (linux-)distros Mailing Lists

By OpenSSF Blog

As a part of the OpenSSF's mission to sustainably secure the development, maintenance and consumption of open source software, the OpenSSF earlier this year started to sponsor the operation of…

Nov 09

Love0

How to Use Open Source to Help Comply with SCM Best Practices: A Tutorial on Combining OpenSSF Scorecard and Legitify

By OpenSSF Blog, Guest Blog

A few weeks ago, the OpenSSF Best Practices Working Group published the Source Code Management (SCM) Best Practices guide. This guide is the result of a collaboration of multiple leading…

Nov 08

Love0

OpenSSF Responds to US Federal Government RFI on Open Source Software Security

By OpenSSF Blog

The OpenSSF has submitted a response to the Request For Information (RFI) on open source software (OSS) security and memory safe programming languages from the US White House Office of…

Nov 06

Love0

Alpha-Omega Grant To Help Homebrew Reach SLSA Build Level 2

By OpenSSF Alpha-Omega, Blog

Alpha-Omega is pleased to announce a grant to the Homebrew project to enable Sigstore attestations and verification of Homebrew packages. When complete the project will allow organizations to securely verify…

OpenSSF introduces guide to becoming a CVE Numbering Authority as an Open Source project

Sigstore: Simplifying Code Signing for Open Source Ecosystems

OpenSSF publishes Mission, Vision, Values, and Strategy

Securing the Software Supply Chain Report Recommends SBOM Consumption Practices for Critical Infrastructure Providers

OpenSSF Kicks Off Guest Blog Editorial Review Panel to Amplify Voices in the Security Community

Alpha-Omega to Continue Support of Rust Foundation Security Initiative in 2024

OpenSSF Supports oss-security and (linux-)distros Mailing Lists

How to Use Open Source to Help Comply with SCM Best Practices: A Tutorial on Combining OpenSSF Scorecard and Legitify

OpenSSF Responds to US Federal Government RFI on Open Source Software Security

Alpha-Omega Grant To Help Homebrew Reach SLSA Build Level 2

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox