OpenSSF Newsletter – May 2024
Welcome to the May 2024 edition of the OpenSSF Newsletter, with our latest information on what’s been happening lately and what’s on our radar. DOWNLOAD: What’s in the SOSS? An...
The Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on improving the security of open source software, is proud to announce its collaboration with the Eclipse Foundation and a leading open source consortium to work on the European Union’s (E.U.) Cyber Resilience Act (CRA). This alliance aims to establish common specifications…
By Christopher “CRob” Robinson, Director of Security Communications, Intel Product Assurance and Security, Intel Corporation; and Bennett Pursell, Ecosystem Strategist, OpenSSF
In the ever-evolving landscape of cybersecurity threats, collaboration and...
Software is a funny, profound thing: Each piece of it is an invisible machine, seemingly made of magic words, designed to run on the ultimate, universal machine. It’s not alive, but it has a lifecycle. It starts out as source code—just text files sitting in a repository somewhere—and then later (through some unique process), that…
Join our upcoming Tech Talk, "Proactive Supply Chain Security with GUAC," on June 6, 2024, at 10 AM PT/1 PM ET, as we discuss proactive vulnerability management and software supply chain security.
Join us in Vienna, Austria, for the Secure Open Source Software (SOSS) Community Day Europe 2024, an enriching gathering where members from across the security and open source ecosystem converge to exchange ideas and advancements. Formerly known as OpenSSF Days, SOSS Community Days reflect our broader commitment to fortifying the security of open source software.…
This post summarizes key steps that software developers can take to improve software security. It is a text version of a talk given at Open Source Summit North America (OSS NA) 2024.
DruBOM is a Software Bill of Materials (SBOM) for Drupal. It is a list of all the dependencies of a Drupal project, including the Drupal core, modules, themes, and libraries.
On April 15, 2024, Secure Open Source Software (SOSS) Community Day North America (NA) brought together the open source community in Seattle to delve into discussions surrounding the challenges, overarching solutions, ongoing initiatives, and triumphs in fortifying the open source software (OSS) supply chain. Alongside dedicated SOSS contributors and thought leaders, we embarked on an…
OpenSSF Taps Bruce Schneier to Discuss AI and OSS Security During Keynote at SOSS Fusion Conference 2024
Register by Aug. 9 for special early bird giveaways! Get access to interactive workshops, in-depth discussions and valuable sessions about securing open source software