The Open Source Security Foundation (OpenSSF) announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform as a service, semiconductors, finance, think…
Read More
The Linux Foundation Training & Certification team, in partnership with the Open Source Software Foundation (OpenSSF), are pleased to announce the launch of one of our post popular training courses…
Read More
A robust strategy around securing how developers consume and manage open source software (OSS) dependencies when building software is essential. The Secure Supply Chain Consumption Framework (S2C2F) is a consumption-focused/consumer-focused…
Read More
In the motor city, the community hosted the first-ever Sigstore event, SigstoreCon, in co-location with KubeCon + CloudNativeCon North America. Event highlights included the announcement of Sigstore general availability, an…
Read More
Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.…
Read More
Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's…
Read More
Thought Leadership Day onĀ open source, infrastructure, security and community curationĀ on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to…
Read More
A well-designed Open Source Program Office (OSPO), when present, is the center of competency for an organizationās open source operations and structure. Here are a dozen ways OSPOs can be…
Read More
The Securing Open Source Software Act is in response to the Log4Shell vulnerability discovered in late November 2021. What is the Securing Open Source Software Act about? On 21st September…
Read More
This year SigstoreCon will be hosted for the first time! The one-day event will take place on October 25, in Detroit Michigan, in co-location with KubeCon + CloudNativeCon North America.…
Read More