Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
Oct 9, 2025 |
In Blog
Building Security in Open Source for Financial Services: OpenSSF at Open Source in Finance Forum (OSFF)
Financial services run on open source. With regulations growing and supply chains under pressure, institutions need clear frameworks and reliable data to keep systems secure. At the Open Source in Finance Forum (OSFF) the OpenSSF community is sponsoring and sharing sessions on the OSPS Baseline, vulnerability data, and AI security.… Read more.
Oct 8, 2025 |
KubeCon + CloudNativeCon North America 2025 Co-Located Event Deep Dive: Open Source SecurityCon
Open Source SecurityCon has always been about bringing people together to strengthen trust in open source. From its beginnings within TAG Security to its growth as a standalone conference, and now returning to KubeCon + CloudNativeCon alongside the Open Source Security Foundation (OpenSSF), the event has become a gathering place for… Read more.
Oct 2, 2025 |
In Blog
Recap: OpenSSF Tech Talk on Securing the AI Lifecycle
On September 24, the Open Source Security Foundation (OpenSSF) hosted its latest Tech Talk, bringing together experts from Dell, Google, Intel, and the broader community to discuss how open source tools and practices can secure the fast-evolving AI/ML lifecycle. The recording and slides are now available. Read more.
Sep 23, 2025 |
In Blog
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship
An Open Letter from the Stewards of Public Open Source Infrastructure Over the past two decades, open source has revolutionized the way software is developed. Every modern application, whether written in Java, JavaScript, Python, Rust, PHP, or beyond, depends on public package registries like Maven Central, PyPI, crates.io, Packagist and… Read more.
Sep 22, 2025 |
From Beginner to Builder: Your First Code Contribution
Maybe you've used open source before and wondered how it all works, or you're early in your career and heard that open source contributions can boost your growth. Maybe you've witnessed software supply chain attacks and felt an urge to make a difference. Maybe you just started learning about OpenSSF… Read more.
Sep 19, 2025 |
In Blog
From Ghent to Brussels: OpenSSF’s Week of Policy and Security in Europe
At the end of October, the Linux Foundation, the Linux Foundation Europe and OpenSSF will gather leaders across industry, government, and open source communities for three impactful events in Belgium. Together, these back-to-back gatherings will advance collaboration, shape policy, and highlight the critical role of open source in Europe’s digital… Read more.
Sep 18, 2025 |
In Blog
Improving Risk Management Decisions with SBOM Data: A New Whitepaper from the OpenSSF SBOM Everywhere SIG
SBOMs are becoming part of everyday software practice, but many teams still ask the same question: how do we turn SBOM data into decisions we can trust? Our new whitepaper, “Improving Risk Management Decisions with SBOM Data,” answers that by tying SBOM information to concrete risk-management outcomes across engineering, security,… Read more.
Sep 16, 2025 |
New OpenSSF Guidance on AI Code Assistant Instructions
AI code assistants are powerful tools. They can speed up development, suggest solutions, and help explore alternatives. But they also create security risks, because the results you get depend heavily on what you ask. These systems’ models are trained on vast amounts of code (much of it insecure), they don’t… Read more.
Sep 12, 2025 |
In Blog
Celebrating the Community: OpenSSF at Open Source Summit and OpenSSF Community Day Europe Recap
From August 25 to 28, 2025, the Linux Foundation hosted a high-impact week of open source collaboration and innovation in Amsterdam. OpenSSF’s participation, in both Open Source Summit Europe and OpenSSF Community Day Europe, brought together developers, maintainers, researchers, and policymakers to strengthen software supply chain security and align on… Read more.
Sep 11, 2025 |
Open Source Friday with OpenSSF – Global Cyber Policy Working Group
On August 15, 2025, GitHub’s Open Source Friday series spotlighted the Open Source Security Foundation (OpenSSF) in a live interview hosted by Kevin Crosby. Open Source Friday is GitHub’s weekly program that celebrates the creators, maintainers, and contributors who make the open source community thrive. The session introduced the OpenSSF… Read more.