OpenSSF

Nov 15

SigstoreCon Highlights

By OpenSSF Blog

In the motor city, the community hosted the first-ever Sigstore event, SigstoreCon, in co-location with KubeCon + CloudNativeCon North America. Event highlights included the announcement of Sigstore general availability, an…

Oct 25

Sigstore Announces General Availability at SigstoreCon

By OpenSSF Blog, Press Release, Sigstore

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.…

Oct 20

state of the software supply chain sonatype

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

By OpenSSF Blog

Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's…

Oct 10

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

By OpenSSF Blog, Press Release

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to…

Sep 29

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

By OpenSSF Blog

A well-designed Open Source Program Office (OSPO), when present, is the center of competency for an organization’s open source operations and structure. Here are a dozen ways OSPOs can be…

Sep 27

securing open source software act of 2022

The United States Securing Open Source Software Act: What You Need to Know

By OpenSSF Blog

The Securing Open Source Software Act is in response to the Log4Shell vulnerability discovered in late November 2021. What is the Securing Open Source Software Act about? On 21st September…

Sep 27

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

By OpenSSF Blog, Sigstore

This year SigstoreCon will be hosted for the first time! The one-day event will take place on October 25, in Detroit Michigan, in co-location with KubeCon + CloudNativeCon North America.…

Sep 13

Funding Python SPDX Development with the OpenSSF and SBOM Everywhere

By OpenSSF Blog

SBOM Everywhere, as the name suggests, is working towards bringing SBOMs to all of open source in a way that is non disruptive. The first effort of the SBOM Everywhere…

Sep 13

Coordination is Key! The OpenSSF’s CVD Guide for Finders

By OpenSSF Blog

The Vulnerability Disclosures Working Group is proud to unveil the next evolution in improving open source coordination of vulnerability disclosures by crafting a new guide focused on the Security researcher…

Sep 13

Concise Guides OpenSSF - Developing More Secure Software Evaluating Open Source Software

Introducing New Concise Guides for Developing More Secure Software and Evaluating Open Source Software

By OpenSSF Blog

In response to the growing concern around open source software development, OpenSSF’s Best Practices for Open Source Developers Working Group (WG) has been diligently working with concerned members and community…

SigstoreCon Highlights

Sigstore Announces General Availability at SigstoreCon

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

The United States Securing Open Source Software Act: What You Need to Know

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

Funding Python SPDX Development with the OpenSSF and SBOM Everywhere

Coordination is Key! The OpenSSF’s CVD Guide for Finders

Introducing New Concise Guides for Developing More Secure Software and Evaluating Open Source Software

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox