OpenSSF

Mar 27

OpenSSF SBOM Everywhere Python SPDX-Tools

SBOM Everywhere Update and Python SPDX-Tools

By OpenSSF Blog

SBOM Everywhere is a Special Interest Group (SIG) within the Security Tooling Working Group of the OpenSSF. In September we funded work on the SPDX Python library and are now…

Mar 20

Improving Supply Chain Security: IBM as a user and a contributor to Open Source Security Foundation Scorecard

By OpenSSF Blog, Case Studies, Guest Blog

Scorecard is becoming a key part of IBM’s review and curation of the open-source software in our products and services. IBM is committed to helping address the systemic security issues…

Mar 15

New SLSA++ Survey Reveals Real-World Developer Approaches to Software Supply Chain Security

By OpenSSF Blog, Guest Blog

Answering even basic questions about software supply chain security has been surprisingly hard. For instance, how widespread are the different practices associated with software supply chain security? And do software…

Mar 09

Draft Version 1.0 of SLSA Open for Comments

By OpenSSF Blog

Supply-chain Levels for Software Artifacts (SLSA, pronounced “salsa”) is an OpenSSF project that provides specifications for software supply chain security, established by industry consensus. SLSA’s framework is organized into a…

Mar 08

Why Open Source is Infrastructure, and Why it Matters

By OpenSSF Blog, Guest Blog

A new report by the Atlantic Council’s Cyber Statecraft Initiative helps draw light on the question on what "open source as infrastructure" really means, and why it matters: Avoiding the…

Mar 07

OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security

By OpenSSF Blog, Press Release

The Open Source Security Foundation (OpenSSF) welcomes eight new members from leading technology firms. The total number of OpenSSF members is currently over 100 and organization membership saw an 88%…

Feb 21

Open Source Security Meetup, Hong Kong, March 1, 2023

Inaugural OpenSSF Hong Kong Meetup on March 1

By OpenSSF Blog

We’re delighted to announce the first-ever Open Source Security Foundation (OpenSSF) Meetup in Hong Kong! Whether you’re a member of technical staff or a business executive, if you want to hear the…

Feb 05

OSS Security Meetup in Tokyo Japan on Feb 23 2023

Join Us at the First OSS Security Meetup in Tokyo, Japan

By OpenSSF Blog

We are excited to present at the first ever OSS Security Meetup in Japan, on February 28 in Tokyo, hosted by Open Source Security Foundation (OpenSSF) Members. We aim to…

Feb 01

Independent Security Audit Impact Report

By OpenSSF Blog

Security audits are an extremely effective tool for improving the security of critical projects. In 2022, OpenSSF and Google sponsored a number of security audits and associated work via strategic…

Dec 28

Engaging Policy Makers and the Ecosystem on Open Source Software Globally

By OpenSSF Blog

Throughout 2022, the Linux Foundation and OpenSSF in particular have been at the heart of a number of important conversations concerning the open source software (OSS) community and sustainability of…

SBOM Everywhere Update and Python SPDX-Tools

Improving Supply Chain Security: IBM as a user and a contributor to Open Source Security Foundation Scorecard

New SLSA++ Survey Reveals Real-World Developer Approaches to Software Supply Chain Security

Draft Version 1.0 of SLSA Open for Comments

Why Open Source is Infrastructure, and Why it Matters

OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security

Inaugural OpenSSF Hong Kong Meetup on March 1

Join Us at the First OSS Security Meetup in Tokyo, Japan

Independent Security Audit Impact Report

Engaging Policy Makers and the Ecosystem on Open Source Software Globally

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox