We’re delighted to invite you to Singapore’s inaugural Open Source Security Foundation (OpenSSF) Meetup on the evening of Thursday, the 8th of June at the AWS Singapore Office to discuss…
We recently hosted OpenSSF Day at the Open Source Summit North America in Vancouver, BC with a full day of session presentations, panels, and lightning talks around the current state…
Where we are with SBOMs and where may the community go in the future? At the 2023 SBOM Devroom, hosted at FOSDEM 2023 in Brussels, participants discussed various topics related…
OpenSSF, in collaboration with Linux Foundation Research, recently launched a new survey to better understand OpenSSF Software Security Awareness. Please take the survey today to share your feedback about our…
The Open Source Security Foundation (OpenSSF) welcomes four new members from leading technology firms: Hitachi, Lockheed Martin, Salesforce, and SAP. The OpenSSF also welcomes new General Manager, Omkhar Arasaratnam, veteran…
Let’s get it out of the way early: it’s not always clear how you can best plug into organizations like OpenSSF. That’s why I’m writing this guest blog post as…
We are very excited to announce that our second OSS Security Meetup in Japan will be held at Cybozu Tokyo Office on June 2nd in Tokyo, hosted by Open Source…
The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA). SLSA is an OpenSSF project that provides specifications…
The use of SBOMs is becoming increasingly essential in managing software supply chains. The main consumption use case is for evaluating dependencies known-vulnerabilities risk, by mapping the dependencies listed in…
We’ve been discussing the creation of SBOMs for over ten years, but has it gotten us any closer to hardening our software development practices? SBOMs provide critical supply chain data,…