OpenSSF

Sep 12

CISA’s Open Source Software Security Roadmap

By OpenSSF Blog

We’re excited about the announcement of the US Cybersecurity and Infrastructure Security Agency (CISA)’s Open Source Software Security Roadmap. The Roadmap, released today, clearly articulates a risk assessment and implementation…

Sep 08

Behind the Scenes of the Alpha-Omega Summer Mentorship Program

By OpenSSF Blog

The Alpha Omega Summer Mentorship Program recently wrapped up and was a resounding success. The program connected senior software security engineers with newcomers to open source, software development, and security…

Sep 07

VDR, VEX, OpenVEX and CSAF

By OpenSSF Blog, Guest Blog

Early adopters of SBOM have proposed new standards as well as updates to existing standards to specify the status of each vulnerability alongside the SBOM itself. In this context, existing…

Sep 06

OpenSSF Strengthening Open Source Software

Strengthening Open Source Software: Best Practices for Enhanced Security

By OpenSSF Blog, Guest Blog

Securing the open source ecosystem isn't a passive act. It calls for proactive participation through regular code reviews, vulnerability assessments, or simply staying updated with the latest security protocols. Every user,…

Aug 31

Introducing RSTUF, Repository Service for TUF

By OpenSSF Blog

We’re thrilled to announce that RSTUF, Repository Service for TUF, has joined the OpenSSF as an OpenSSF Sandbox Project. This is a major step forward in ensuring we can improve…

Aug 30

OpenSSF Securing Software Repositories Working Group: Repositories, Registries, and Tools

By OpenSSF Blog

The OpenSSF Securing Software Repositories Working Group focuses on the maintainers of software repositories, software registries, and the tools that rely on them. By repositories, we include all platforms where…

Aug 28

Submit to Speak at OpenSSF Day Japan

By OpenSSF Blog

We are pleased to announce that OpenSSF Day Japan will be taking place on December 4, 2023 at the Ariake Central Tower Hall & Conference, colocated with Open Source Summit…

Aug 28

OpenSSF Scorecard Launches v4.12 with Support for GitLab

By OpenSSF Blog

Today, we are excited to announce OpenSSF Scorecard v4.12. This release adds support for GitLab and brings the project closer to its longer-term goal of supporting all types of hosted…

Aug 25

What You Need to Know About the US Federal Government’s RFI on Open Source Software Security

By OpenSSF Blog

The US Federal Government's recent Request for Information (RFI) on Open Source Software Security (announced by the US White House) is a noteworthy development for open source software (OSS). This…

Aug 24

OpenSSF Open Source Consumption Manifesto

Join Us in Adopting the Open Source Consumption Manifesto

By OpenSSF Blog

By adopting a few common principles, software organizations can achieve real, measurable change in the security and health of their software supply chains. You are invited to adopt the new…

CISA’s Open Source Software Security Roadmap

Behind the Scenes of the Alpha-Omega Summer Mentorship Program

VDR, VEX, OpenVEX and CSAF

Strengthening Open Source Software: Best Practices for Enhanced Security

Introducing RSTUF, Repository Service for TUF

OpenSSF Securing Software Repositories Working Group: Repositories, Registries, and Tools

Submit to Speak at OpenSSF Day Japan

OpenSSF Scorecard Launches v4.12 with Support for GitLab

What You Need to Know About the US Federal Government’s RFI on Open Source Software Security

Join Us in Adopting the Open Source Consumption Manifesto

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox