OpenSSF

Dec 14

Alpha-Omega Project First Year In Review, Plus New Funding Pledge

By OpenSSF Alpha-Omega, Blog

Alpha-Omega is an OpenSSF project, established in February 2022, with a mission to protect society by improving the security of open source software through direct maintainer engagement and expert analysis,…

Dec 08

Love0

Apples and apples? Comparing Approaches to Measuring Criticality and Risk at the OpenSSF

By OpenSSF Blog

Presenting a comparative study of the different approaches used to measure criticality and risk by a set of OpenSSF projects. Criticality is the measure of how important a package is…

Dec 04

Love0

OpenSSF Membership Exceeds 100 with Many New Members Dedicated to Securing Open Source Software

By OpenSSF Blog, Press Release

The Open Source Security Foundation (OpenSSF) announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform as a service, semiconductors, finance, think…

Dec 04

Love0

Developing Secure Software Training Course Japanese Enroll Today

Free OpenSSF Developing Secure Software Training Course Now Available in Japanese

By OpenSSF Blog

The Linux Foundation Training & Certification team, in partnership with the Open Source Software Foundation (OpenSSF), are pleased to announce the launch of one of our post popular training courses…

Nov 16

Love0

OpenSSF Expands Supply Chain Integrity Efforts with S2C2F

By OpenSSF Blog

A robust strategy around securing how developers consume and manage open source software (OSS) dependencies when building software is essential. The Secure Supply Chain Consumption Framework (S2C2F) is a consumption-focused/consumer-focused…

Nov 15

Love0

SigstoreCon Highlights

By OpenSSF Blog

In the motor city, the community hosted the first-ever Sigstore event, SigstoreCon, in co-location with KubeCon + CloudNativeCon North America. Event highlights included the announcement of Sigstore general availability, an…

Oct 25

Love0

Sigstore Announces General Availability at SigstoreCon

By OpenSSF Blog, Press Release, Sigstore

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.…

Oct 20

Love0

state of the software supply chain sonatype

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

By OpenSSF Blog

Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's…

Oct 10

Love0

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

By OpenSSF Blog, Press Release

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to…

Sep 29

Love0

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

By OpenSSF Blog

A well-designed Open Source Program Office (OSPO), when present, is the center of competency for an organization’s open source operations and structure. Here are a dozen ways OSPOs can be…

Alpha-Omega Project First Year In Review, Plus New Funding Pledge

Apples and apples? Comparing Approaches to Measuring Criticality and Risk at the OpenSSF

OpenSSF Membership Exceeds 100 with Many New Members Dedicated to Securing Open Source Software

Free OpenSSF Developing Secure Software Training Course Now Available in Japanese

OpenSSF Expands Supply Chain Integrity Efforts with S2C2F

SigstoreCon Highlights

Sigstore Announces General Availability at SigstoreCon

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox