Jan 3, 2025 |
In Blog
SOSS Community Day India 2024: Wrap Up
Towards the end of 2024, we hosted the inaugural SOSS Community Day India, and we’re thrilled to share that it was a resounding success! This remarkable event brought together some of the most active open source contributors in the industry for a day filled with sharing, learning, and collaboration Read more.
Dec 23, 2024 |
CRA Stewards and Manufacturers Workshop: Key Takeaways and Next Steps
Last week the Linux Foundation Europe and OpenSSF teams held a workshop focused on the implications of the recently published Regulation (EU) 2024/2847, commonly known as the Cyber Resilience Act or CRA. The 2024 Stewards and Manufacturers Workshop in Amsterdam was a highly successful event where members from across the… Read more.
Dec 20, 2024 |
In Blog
Staying OSS Safe During the Holidays
The holiday season is upon us, and while many of us are gearing up for festivities, gift shopping, and reconnecting with loved ones, it’s also a time when cybersecurity threats loom larger than ever. Supply-chain attacks such as SolarWinds and Log4Shell happened during the holiday season, as that is a… Read more.
Dec 16, 2024 |
SigstoreCon 2024: Advancing Software Supply Chain Security
On November 12, 2024, the software security community gathered in Salt Lake City for SigstoreCon: Supply Chain Day, co-located with KubeCon North America 2024. The one-day conference brought together developers, maintainers, and security experts to explore how Sigstore is transforming software supply chain security through simplified signing and verification of… Read more.
Dec 11, 2024 |
Understanding the CRA: OpenSSF’s Role in the Cyber Resilience Act Implementation – Part 2
In Part 1, we provided a general overview of the CRA and highlighted OpenSSF’s current activities related to its implementation. In Part 2, we’ll take a closer look at the three-year implementation timeline and what lies ahead. Read more.
Dec 9, 2024 |
In the Face of Mounting Regulatory Oversight, Honda and Guidewire Join Industry Leaders Securing Software Development at the Open Source Security Foundation (OpenSSF)
Growing Member Base and Launch of SOSS Community Day India Continue to Advance Open Source Software Security Delhi, India – December 10, 2024 – The Open Source Security Foundation (OpenSSF), a global cross-industry initiative of the Linux Foundation, helps individuals and organizations build secure software by providing guidance, tools, and… Read more.
Dec 9, 2024 |
In Blog
The OpenSSF 2024 Annual Report Is Live!
We’re excited to announce the release of the OpenSSF 2024 Annual Report, highlighting a year of significant progress, collaboration, and impact within the open source software (OSS) ecosystem. From new member milestones to groundbreaking initiatives, this report captures the collective achievements of our projects, working groups, and vibrant community. Here’s… Read more.
Dec 4, 2024 |
Open Source Usage Trends and Security Challenges Revealed in New Study
SAN FRANCISCO, Dec. 4, 2024 -- The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the release of "Census III of Free and Open Source Software – Application Libraries" (Census III) in collaboration with the Laboratory for Innovation Science at Harvard. The study identifies the most widely-used free and open… Read more.
Nov 27, 2024 |
In Blog
Shaping the Future of Generative AI: A Focus on Security
Open Source Security Foundation (OpenSSF), with its focus on securing open source software, plays a pivotal role in establishing best practices for developing secure AI systems. In 2024, the OpenSSF AI/ML Working Group launched a new project focused on model signing. This initiative is developing a proof of concept for model signing… Read more.
Nov 25, 2024 |
Understanding the CRA: OpenSSF’s Role in the Cyber Resilience Act Implementation – Part 1
With publishing as Regulation (EU) 2024/2847 in the Official Journal of the European Union, the Cyber Resilience Act (CRA) enters into force (EIF) on December 10, 2024. The CRA will fully apply three years later, on December 11, 2027. The CRA will obligate all products with digital elements, including their… Read more.