OpenSSF

Oct 20

state of the software supply chain sonatype

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

By OpenSSF Blog

Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's…

Oct 10

Love0

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

By OpenSSF Blog, Press Release

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to…

Sep 29

Love0

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

By OpenSSF Blog

A well-designed Open Source Program Office (OSPO), when present, is the center of competency for an organization’s open source operations and structure. Here are a dozen ways OSPOs can be…

Sep 27

Love0

securing open source software act of 2022

The United States Securing Open Source Software Act: What You Need to Know

By OpenSSF Blog

The Securing Open Source Software Act is in response to the Log4Shell vulnerability discovered in late November 2021. What is the Securing Open Source Software Act about? On 21st September…

Sep 27

Love0

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

By OpenSSF Blog, Sigstore

This year SigstoreCon will be hosted for the first time! The one-day event will take place on October 25, in Detroit Michigan, in co-location with KubeCon + CloudNativeCon North America.…

Sep 13

Love0

Funding Python SPDX Development with the OpenSSF and SBOM Everywhere

By OpenSSF Blog

SBOM Everywhere, as the name suggests, is working towards bringing SBOMs to all of open source in a way that is non disruptive. The first effort of the SBOM Everywhere…

Sep 13

Love0

Coordination is Key! The OpenSSF’s CVD Guide for Finders

By OpenSSF Blog

The Vulnerability Disclosures Working Group is proud to unveil the next evolution in improving open source coordination of vulnerability disclosures by crafting a new guide focused on the Security researcher…

Sep 13

Love0

Concise Guides OpenSSF - Developing More Secure Software Evaluating Open Source Software

Introducing New Concise Guides for Developing More Secure Software and Evaluating Open Source Software

By OpenSSF Blog

In response to the growing concern around open source software development, OpenSSF’s Best Practices for Open Source Developers Working Group (WG) has been diligently working with concerned members and community…

Sep 13

Love0

Alpha-Omega Project Announces Over $1.5M in Grants to Critical Open Source Projects and New Omega Analysis Toolchain

By OpenSSF Alpha-Omega, Blog

As part of the OpenSSF’s continued investment in critical open-source projects, we are happy to announce new partnerships and tooling from the Alpha-Omega Project. Alpha-Omega will sponsor critical security work…

Sep 13

Love0

Introducing the New OpenSSF End Users Working Group

By OpenSSF Blog

OpenSSF is excited to announce its newest WG (Working Group), the End Users WG. This WG will focus on representing and addressing the challenges enterprises face when adopting (and using)…

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

The United States Securing Open Source Software Act: What You Need to Know

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

Funding Python SPDX Development with the OpenSSF and SBOM Everywhere

Coordination is Key! The OpenSSF’s CVD Guide for Finders

Introducing New Concise Guides for Developing More Secure Software and Evaluating Open Source Software

Alpha-Omega Project Announces Over $1.5M in Grants to Critical Open Source Projects and New Omega Analysis Toolchain

Introducing the New OpenSSF End Users Working Group

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

OpenSSF

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox