OpenSSF

Sep 27

Threat Modeling the Supply Chain for Software Consumers

By OpenSSF Blog

From a software consumer perspective, how do we know where to start to address the real supply chain threats? Which risks are more critical than others? What framework or standard…

Sep 18

Love0

OpenSSF Alpha-Omega ISRG Prossimo Rustls Rust for Linux

Advancing Rustls and Rust for Linux with OpenSSF Support

By OpenSSF Blog, Guest Blog

Prossimo continues to advance the functionality and scalability of the Rustls TLS library and the Rust for Linux effort thanks to $530,000 in funding from the OpenSSF’s Alpha-Omega project. This…

Sep 18

Love1

OpenSSF Welcomes New Members in Support of Securing Open Source Software

By OpenSSF Blog, Press Release

We welcome six new members from leading technology firms to the OpenSSF. New general members include Mend.io, RTX, Shopify, SlimAI, and Stacklok. New associate member, the Rust Foundation, also joins.…

Sep 15

Love0

Join us for an OpenSSF Tech Talk on SLSA

By OpenSSF Blog

Join us for an OpenSSF Tech Talk on SLSA. We’ll delve into the world of SLSA and its transformative impact on software supply chain security. You will get a comprehensive…

Sep 14

Love0

What You Need to Know About the Linux Foundation’s New Vulnerability Reporting Policy

By OpenSSF Blog

The Linux Foundation introduces our new vulnerability disclosure policy, which clarifies how vulnerability reporters should connect with the Linux Foundation project maintainers who are able to resolve issues.

Sep 14

Love0

Secure Code Management Best Practices Guide

OpenSSF Releases Source Code Management Best Practices Guide

By OpenSSF Blog

We are excited to announce the release of the Source Code Management (SCM) Best Practices Guide by the Open Source Security Foundation (OpenSSF) Best Practices Working Group. This guide is…

Sep 13

Love1

OpenSSF_Secure_Open_Source_Software_SOSS_Summit

OpenSSF Gathers US Government and Industry Leaders at Secure Open Source Software Summit 2023

By OpenSSF Blog, Press Release

The OpenSSF brought together US Government (USG) officials from the National Security Council (NSC), Office of the National Cyber Director (ONCD), and the Cybersecurity and Infrastructure Security Agency (CISA) among…

Sep 12

Love0

CISA’s Open Source Software Security Roadmap

By OpenSSF Blog

We’re excited about the announcement of the US Cybersecurity and Infrastructure Security Agency (CISA)’s Open Source Software Security Roadmap. The Roadmap, released today, clearly articulates a risk assessment and implementation…

Sep 08

Love0

Behind the Scenes of the Alpha-Omega Summer Mentorship Program

By OpenSSF Blog

The Alpha Omega Summer Mentorship Program recently wrapped up and was a resounding success. The program connected senior software security engineers with newcomers to open source, software development, and security…

Sep 07

Love0

VDR, VEX, OpenVEX and CSAF

By OpenSSF Blog, Guest Blog

Early adopters of SBOM have proposed new standards as well as updates to existing standards to specify the status of each vulnerability alongside the SBOM itself. In this context, existing…

Threat Modeling the Supply Chain for Software Consumers

Advancing Rustls and Rust for Linux with OpenSSF Support

OpenSSF Welcomes New Members in Support of Securing Open Source Software

Join us for an OpenSSF Tech Talk on SLSA

What You Need to Know About the Linux Foundation’s New Vulnerability Reporting Policy

OpenSSF Releases Source Code Management Best Practices Guide

OpenSSF Gathers US Government and Industry Leaders at Secure Open Source Software Summit 2023

CISA’s Open Source Software Security Roadmap

Behind the Scenes of the Alpha-Omega Summer Mentorship Program

VDR, VEX, OpenVEX and CSAF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox