OpenSSF

Jul 27

OpenSSF Vulnerability Disclosures Working Group Helps Guide and Automate Handling Risk

By OpenSSF Blog

The OpenSSF Vulnerability Disclosures Working Group aims to improve open source security by developing and advocating well-managed vulnerability reporting and communication. We do so by documenting and supporting best vulnerability…

Jul 21

Love0

Manage how you protect your assets at scale with SBOMs

By OpenSSF Blog, Guest Blog

While many in the industry realize the value of having a software bill of materials, creators still need to generate high-fidelity SBOMs, and software consumers must ingest and enforce actions…

Jul 20

Love0

Fuzz Introspector: optimizing fuzzing workflows

By OpenSSF Blog, Guest Blog

Fuzz Introspector is an open source tool that at its core provides insights and suggestions for improvements on how a given project is being fuzzed. In this blog post we…

Jun 30

Love0

SBOM Everywhere and the Security Tooling Working Group: Providing the Best Security Tools for Open Source Developers

By OpenSSF Blog

This month, we present a spotlight on the SBOM Everywhere initiative, housed under the OpenSSF Security Tooling Working Group. The mission of the Security Tooling Working Group is to identify,…

Jun 22

Love0

Python Software Foundation Alpha Omega Welcome New PSF Security Developer in Residence

PSF Welcomes New Security Developer in Residence with Support from Alpha-Omega

By OpenSSF Alpha-Omega, Blog

Through funding by the OpenSSF’s Alpha-Omega Project, the Python Software Foundation (PSF) has hired a new security developer in residence as part of a year-long security enhancement initiative. PSF announced…

Jun 20

Love0

Why SBOM Generators Need to Accurately Represent Open Source Licenses

By OpenSSF Blog, Guest Blog

SBOMs enable organizations to identify vulnerabilities, track open-source usage, and ensure compliance with numerous licensing obligations. Having a “single source of truth” for security and licensing information helps everyone. Let’s…

May 31

Love0

OpenSSF Supply Chain Integrity Working Group Provides Security Guidance, Practical Frameworks, and Tools

By OpenSSF Blog

Within the OpenSSF Supply Chain Integrity Working Group (SCI WG), we’re hosting a global community of individuals and organizations collaborating on scalable standardized attestable practices for supply chain security. Along…

May 30

Love0

Inaugural Open Source Security Singapore Meetup

By OpenSSF Blog

We’re delighted to invite you to Singapore’s inaugural Open Source Security Foundation (OpenSSF) Meetup on the evening of Thursday, the 8th of June at the AWS Singapore Office to discuss…

May 26

Love0

Takeaways from OpenSSF Day North America

By OpenSSF Blog

We recently hosted OpenSSF Day at the Open Source Summit North America in Vancouver, BC with a full day of session presentations, panels, and lightning talks around the current state…

May 24

Love0

Exploring the Latest Advances in SBOMs from the Devroom

By OpenSSF Blog

Where we are with SBOMs and where may the community go in the future? At the 2023 SBOM Devroom, hosted at FOSDEM 2023 in Brussels, participants discussed various topics related…

OpenSSF Vulnerability Disclosures Working Group Helps Guide and Automate Handling Risk

Manage how you protect your assets at scale with SBOMs

Fuzz Introspector: optimizing fuzzing workflows

SBOM Everywhere and the Security Tooling Working Group: Providing the Best Security Tools for Open Source Developers

PSF Welcomes New Security Developer in Residence with Support from Alpha-Omega

Why SBOM Generators Need to Accurately Represent Open Source Licenses

OpenSSF Supply Chain Integrity Working Group Provides Security Guidance, Practical Frameworks, and Tools

Inaugural Open Source Security Singapore Meetup

Takeaways from OpenSSF Day North America

Exploring the Latest Advances in SBOMs from the Devroom

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox