SBOM Everywhere, as the name suggests, is working towards bringing SBOMs to all of open source in a way that is non-disruptive. The first effort of the SBOM Everywhere…
The Vulnerability Disclosures Working Group is proud to unveil the next evolution in improving open source coordination of vulnerability disclosures by crafting a new guide focused on the Security researcher…
In response to the growing concern around open source software development, OpenSSF’s Best Practices for Open Source Developers Working Group (WG) has been diligently working with concerned members and community…
As part of the OpenSSF’s continued investment in critical open-source projects, we are happy to announce new partnerships and tooling from the Alpha-Omega Project. Alpha-Omega will sponsor critical security work…
OpenSSF is excited to announce its newest WG (Working Group), the End Users WG. This WG will focus on representing and addressing the challenges enterprises face when adopting (and using)…
We are excited to release new features from the Scorecards project, the OpenSSF tool that helps maintainers follow best security practices. The Scorecards GitHub Action now supports a REST API…
We are excited to announce the v1 release of the “npm Best Practices,” a new guide focused on dependency management and supply chain security for npm. This release is the…
Capital One joins the Open Source Security Foundation (OpenSSF) as a premier member, affirming its commitment to strengthening the open source software supply chain. OpenSSF is a cross-industry organization hosted…
The Linux Foundation and the Open Source Software Security Foundation (OpenSSF), backed by the Ministry of Economy, Trade and Industry, today convene cybersecurity experts from Japanese companies, government agencies, and…
OpenSSF announces 13 new members from leading financial services, technology, employment, software development, cybersecurity, telecommunications, and academic sectors.