In our increasingly digitized world, data reigns supreme. Alongside traditional valuable information like customer records and bank details, data on interactions and activity has become more valuable to companies. As…
Security is the key theme throughout the three new free Express Learning courses launched by Linux Foundation Training & Certification for cloud professionals. The courses include: Security Self-Assessments for Open…
We are excited to announce the launch of the OpenSSF Security Job Board. This job board is meant to serve the community in two ways: allowing developers to view top-notch…
In April 2023 the US Cybersecurity and Infrastructure Agency (CISA), along with other government agencies inside and outside the US, released a paper emphasizing software secure-by-design principles and approaches. In…
Earlier this month we held a Tech Talk on Securing the Software Supply Chain: An In-Depth Exploration of SLSA. SLSA, or Supply-chain Levels for Software Artifacts, is an OpenSSF project…
The OpenSSF Day Japan agenda is now live! We have a great day of session presentations, panels, and lightning talks lined up on December 4th, colocated with Open Source Summit…
The OpenSSF is pleased to welcome new Governing Board Chair, Arun Gupta who was elected by the OpenSSF Governing Board and will serve from October 2023 to October 2024. Join…
Like the open source ecosystem itself, the OpenSSF has grown and evolved during a very busy 2023. It’s no longer debatable, everyone depends upon open source software today. Two-Term OpenSSF…
This week, CISA, FBI, NSA, and the US Department of the Treasury released guidance on Improving Security of Open Source Software (OSS) in Operational Technology (OT) and Industrial Control Systems…
Today, the OpenSSF Package Analysis team is excited to announce the launch of our Malicious Packages repository, the first open source system for collecting and publishing cross-ecosystem reports of malicious…