Skip to main content
Must-attend-sessions-at-SOSSEU-and-OSSEU

Sep 13, 2024 | OpenSSF

In Blog

Must-Attend Sessions at SOSS Community Day EU and Open Source Summit Europe 2024

Secure Open Source Software (SOSS) Community Day EU and Open Source Summit Europe 2024 are just around the corner in Vienna, Austria! Join fellow open source enthusiasts from September 16 - 19, 2024, as they come together to connect, share knowledge, and push the boundaries of innovation in the open… Read more.
Bomctl

Sep 5, 2024 | OpenSSF

Simplify SBOM Management for Developers: Introducing Bomctl

Software security is a top priority, and understanding the components that make up your software is crucial. Software Bill of Materials (SBOMs) play a vital role in achieving this by providing a detailed list of these components and their relationships. Read more.
PrioritizingSecurityBlog

Sep 4, 2024 | OpenSSF

In Blog

Prioritizing Security: Key Findings From The OpenSSF Survey For Financial Institutions

The Linux Foundation's Open Source Security Foundation (OpenSSF) Secure Software Development Education 2024 Survey offers crucial insights that are particularly relevant to the financial services industry, including FINOS members such as sell-side banks, buy-side firms, and wealth managers. As these organizations increasingly rely on software to drive operations, the emphasis on secure… Read more.
AIxCC Semifinals at DEF CON Showcase AI’s Potential in Securing Critical OSS Projects

Aug 28, 2024 | OpenSSF

In Blog

AIxCC Semifinals at DEF CON Showcase AI’s Potential in Securing Critical OSS Projects

Competitors’ Cyber Reasoning Systems proved up to the AIxCC Challenge at DEF CON 32 this month, with seven teams advancing to the finals of the two-year competition aimed at finding and fixing vulnerabilities in critical software projects. Read more.
Innovative Supply Chain Security For Enterprise Cloud Platform Service

Aug 27, 2024 | OpenSSF

Innovative Supply Chain Security For Enterprise Cloud Platform Service

This blog explores how Guidewire Cloud Platform is using and collaborating with GUAC. Read more.
LFD121Blog

Aug 19, 2024 | OpenSSF

In Blog

A Bird’s-Eye View of LFD 121 (Developing Secure Software) — and Why Every Developer Should Take It

Software security has continued to grow in importance. The Linux Foundation has undertaken various initiatives around open source software security, such as the Open Source Security Foundation (OpenSSF)—–a full list of initiatives is available on LF Security. Read more.
GUACv0.8.0

Aug 15, 2024 | OpenSSF

In Blog

GUAC v0.8.0 Released

GUAC v0.8.0 is now available. This release brings support for license information, node deletion, and many other improvements. Read more.
SigstoreCon

Aug 14, 2024 | OpenSSF

In Blog

Announcing SigstoreCon: Supply Chain Day!

Join us for SigstoreCon: Supply Chain Day! Co-located with Kubecon NA 2024 in Salt Lake City, attendees will learn about simplifying signing and verification for digital artifacts using Sigstore, as well as related software supply chain efforts such as SLSA, The Update Framework, binary transparency, and more! CFP deadline is September 13. Read more.
Mitigating attack vectors in GitHub Workflows

Aug 12, 2024 | OpenSSF

In Blog

Mitigating Attack Vectors in GitHub Workflows

GitHub Actions are commonly used to automate processes in repositories, by running CI (continuous integration) tests on pull requests for example. It can also be used to make a package release process more secure just by making it automated. But, it is important to be careful to ensure that they… Read more.
CFP_SOSSJP

Aug 8, 2024 | OpenSSF

In Blog

Call for Proposals: SOSS Community Day Japan 2024

We are excited to announce that the OpenSSF is hosting Security of Open Source Software (SOSS) Community Day Japan 2024, scheduled for Wednesday, October 30, 2024. This one-day event will take place in Tokyo, Japan, and the call for proposals (CFP) is now open. Read more.