OpenSSF

May 10

OpenSSF Welcomes New Members, Veteran Cybersecurity Expert as General Manager, and New Funding

By OpenSSF Blog, Press Release

The Open Source Security Foundation (OpenSSF) welcomes four new members from leading technology firms: Hitachi, Lockheed Martin, Salesforce, and SAP. The OpenSSF also welcomes new General Manager, Omkhar Arasaratnam, veteran…

May 03

How I Got Involved with the OpenSSF

By OpenSSF Blog, Guest Blog

Let’s get it out of the way early: it’s not always clear how you can best plug into organizations like OpenSSF. That’s why I’m writing this guest blog post as…

Apr 26

Join Us at the OSS Security Meetup in Tokyo, Japan

By OpenSSF Blog

We are very excited to announce that our second OSS Security Meetup in Japan will be held at Cybozu Tokyo Office on June 2nd in Tokyo, hosted by Open Source…

Apr 19

OpenSSF Announces SLSA Version 1.0 Release

By OpenSSF Blog, Press Release

The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA). SLSA is an OpenSSF project that provides specifications…

Apr 14

Assessing Product Risk Using SBOMs and OpenSSF Scorecard

By OpenSSF Blog, Guest Blog

The use of SBOMs is becoming increasingly essential in managing software supply chains. The main consumption use case is for evaluating dependencies known-vulnerabilities risk, by mapping the dependencies listed in…

Apr 06

SBOMs, So Far, So Good, So What?

By OpenSSF Blog, Guest Blog

We’ve been discussing the creation of SBOMs for over ten years, but has it gotten us any closer to hardening our software development practices? SBOMs provide critical supply chain data,…

Apr 05

OpenSSF Best Practices Working Group Provides Security Guidance and Tools for Open Source Developers

By OpenSSF Blog

The goal of the Best Practices Working Group is to provide open source developers with recommendations on best practices around development and security. This working group focuses on providing developers…

Apr 04

Taking the Pulse of Leading Software Repositories’ Security

By OpenSSF Blog

Each software repository faces a challenging task to protect producers and consumers of open-source software. They must defend against a variety of threats, juggling a complex menu of options to…

Mar 30

Clarifying Sigstore Terms of Use

By OpenSSF Blog, Sigstore

The primary activity for The Linux Foundation projects is open collaboration on technical challenges that deliver tangible improvements for developers, companies, industries, and society at large. The focus we’ve always…

Mar 28

The Role of Foundations in Securing OSS

By OpenSSF Blog, Guest Blog

Security used to be something of an afterthought in software development. Security was clunky or inconvenient, often because it was a ‘bolt-on’. That has rapidly changed over the last two…

OpenSSF Welcomes New Members, Veteran Cybersecurity Expert as General Manager, and New Funding

How I Got Involved with the OpenSSF

Join Us at the OSS Security Meetup in Tokyo, Japan

OpenSSF Announces SLSA Version 1.0 Release

Assessing Product Risk Using SBOMs and OpenSSF Scorecard

SBOMs, So Far, So Good, So What?

OpenSSF Best Practices Working Group Provides Security Guidance and Tools for Open Source Developers

Taking the Pulse of Leading Software Repositories’ Security

Clarifying Sigstore Terms of Use

The Role of Foundations in Securing OSS

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox