OpenSSF Blog

Mar 18, 2025 | OpenSSF

Linux Foundation Research Reports Reveal Wide Spectrum for Cyber Resilience Act Readiness and Compliance

SAN FRANCISCO – March 18, 2024 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the publication of two groundbreaking research reports, both in partnership with the Open Source Security Foundation (OpenSSF) and Linux Foundation Europe (LF Europe), that explore community-driven strategies to address open source security and the European Union’s… Read more.

Mar 17, 2025 | aliu

In Blog

CNCF & OpenSSF Announce Open Source SecurityCon 2025

The Cloud Native Computing Foundation (CNCF) and the Open Source Security Foundation (OpenSSF) are thrilled to introduce Open Source SecurityCon 2025—a premier event focused on strengthening cloud-native and open source software security. Read more.

Mar 14, 2025 | OpenSSF

OpenSSF Policy Summit DC 2025 Recap

The OpenSSF Policy Summit DC 2025 brought together open source, government, and industry leaders to tackle pressing security challenges. The event fostered open dialogue under the Chatham House Rule, emphasizing shared responsibility and commitment to strengthening the open source ecosystem. A Message from Steve Fernandez, OpenSSF General Manager,  "The OpenSSF… Read more.

Mar 11, 2025 | OpenSSF

OpenSSF Hosts 2025 Policy Summit in Washington, D.C. to Tackle Open Source Security Challenges

WASHINGTON, D.C. – March 11, 2025 – The Open Source Security Foundation (OpenSSF) successfully hosted its 2025 Policy Summit in Washington, D.C., on Tuesday, March 4. The summit brought together industry leaders and open source security experts to address key challenges in securing the software supply chain, with a focus… Read more.

Mar 6, 2025 | OpenSSF

In Blog

NEW FREE COURSE: Security for Software Development Managers (LFD125)

The Open Source Security Foundation and Linux Foundation Education have announced the launch of a new, free, cybersecurity e-Learning course, Security for Software Development Managers (LFD125). The course is designed for anyone who manages, or aspires to manage, developer teams. Read more.

Mar 6, 2025 | OpenSSF

In Blog

2025 OpenSSF Content Themes: Strengthening Open Source Security Throughout the Year

Each year, the Open Source Security Foundation (OpenSSF) is committed to securing the software supply chain through a year-long focus on key themes. Our content calendar aligns with critical security topics, industry events, and cybersecurity awareness initiatives. As we move through 2025, here’s how OpenSSF is strengthening software supply chain… Read more.

Feb 27, 2025 | OpenSSF

In Blog

FOSDEM 2025: OpenSSF Community Wrap Up

The Free and Open source Software Developers’ European Meeting (FOSDEM) is a non-commercial, volunteer-organized European event centered on free and open source software development. It is aimed at developers and anyone interested in the open source software movement. Read more.

Feb 25, 2025 | OpenSSF

OpenSSF Announces Initial Release of the Open Source Project Security Baseline

New Initiative Aims to Enhance Open Source Software Security Through Tiered Best Practices

SAN FRANCISCO – February 25, 2025 – The Open Source Security Foundation (OpenSSF) is pleased to announce the initial release of the Open Source Project Security Baseline (OSPS Baseline). The Baseline initiative provides a structured set of… Read more.

Feb 20, 2025 | OpenSSF

Does the EU CRA affect my business?

The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024. It covers many types of devices and applications that are either sold or otherwise made commercially available on the European… Read more.

Feb 6, 2025 | OpenSSF

Securing Public Sector Supply Chains is a Team Sport

By Daniel Moch, Lockheed Martin

Everyone—from private companies to governments—is aware (or is quickly becoming aware) that the security of their software supply chain is critical to their broader security and continued success. The OpenSSF exists in part to help organizations grapple with the complexity of their supply chains, promoting… Read more.