In Open Source Security Foundation (OpenSSF), we shine a light on those who go above and beyond in enriching our community. The Golden Egg Awards recognize individuals as the driving…
Read More
We're excited to announce that the agenda for Secure Open Source Software (SOSS) Community Day NA on April 15, 2024 is now available! Join us for a day of technical…
Read More
The US Office of the National Cyber Director (ONCD) report Back to the Building Blocks: A Path Toward Secure and Measurable Software, was released today. The report provides valuable insights…
Read More
The Secure Open Source Software (SOSS) Fusion Conference by the OpenSSF is a leading event for open source professionals, uniting diverse experts from software developers to CISOs and tech pioneers.…
Read More
In this post, we will explore how Yahoo leverages Sigstore, in concert with Athenz, an open source platform for managing X.509 certificates, as an internal Certificate Authority, to sign and verify…
Read More
The Linux kernel has achieved a significant milestone in open source software security. It has been authorized as a CVE Numbering Authority (CNA) by the CVE Program. Being a CNA…
Read More
We are thrilled to announce the first event Secure Open Source Software (SOSS) Fusion Conference 2024, a two-day conference hosted by the OpenSSF in Atlanta, GA. Set to take place…
Read More
The Open Source Security Foundation (OpenSSF) is participating in the Biden-Harris Administration’s first-ever Consortium Dedicated to AI Safety, led by the US Department of Commerce. We join over 200 leading…
Read More
Today, the OpenSSF Securing Software Repositories Working Group released v0.1 of Principles for Package Repository Security, a framework for package repositories to assess their current security capabilities and to help…
Read More
Time is of the essence to mitigate vulnerabilities like the recent Leaky Vessels in order to reduce the chance of the vulnerabilities being exploited by attackers. As noted in Leaky…
Read More