May 31, 2023 |
In Blog
OpenSSF Supply Chain Integrity Working Group Provides Security Guidance, Practical Frameworks, and Tools
Within the OpenSSF Supply Chain Integrity Working Group (SCI WG), we’re hosting a global community of individuals and organizations collaborating on scalable standardized attestable practices for supply chain security. Along the way we’re developing a shared vocabulary for the industry, a common problem model, and uniform frameworks spanning languages and… Read more.
May 30, 2023 |
In Blog
Inaugural Open Source Security Singapore Meetup
We’re delighted to invite you to Singapore’s inaugural Open Source Security Foundation (OpenSSF) Meetup on the evening of Thursday, the 8th of June at the AWS Singapore Office to discuss how we can address cybersecurity challenges locally and globally. Read more.
May 30, 2023 |
In Blog
Meet New OpenSSF GM Omkhar Arasaratnam
Join us for a conversation with new OpenSSF General Manager, Omkhar Arasaratnam, veteran cybersecurity and technical risk management executive with more than 25 years of experience leading global organizations. In this Q&A, Omkhar covers everything from the challenges he foresees in his role to what he thinks is the most… Read more.
May 26, 2023 |
In Blog
Takeaways from OpenSSF Day North America
We recently hosted OpenSSF Day at the Open Source Summit North America in Vancouver, BC with a full day of session presentations, panels, and lightning talks around the current state of open source security. If you weren’t able to attend, the videos are now available on our YouTube channel to… Read more.
May 24, 2023 |
In Blog
Exploring the Latest Advances in SBOMs from the Devroom
Where we are with SBOMs and where may the community go in the future? At the 2023 SBOM Devroom, hosted at FOSDEM 2023 in Brussels, participants discussed various topics related to generating, understanding, managing, and converting Software Bill of Materials (SBOMs). Read more.
May 17, 2023 |
In Blog
We Want to Hear from You: Take the OpenSSF Software Security Awareness Survey
OpenSSF, in collaboration with Linux Foundation Research, recently launched a new survey to better understand OpenSSF Software Security Awareness. Please take the survey today to share your feedback about our initiatives and how we can improve. We want to hear from you! Read more.
May 10, 2023 |
In Blog, Press Release
OpenSSF Welcomes New Members, Veteran Cybersecurity Expert as General Manager, and New Funding
The Open Source Security Foundation (OpenSSF) welcomes four new members from leading technology firms: Hitachi, Lockheed Martin, Salesforce, and SAP. The OpenSSF also welcomes new General Manager, Omkhar Arasaratnam, veteran cybersecurity and technical risk management executive. Plus Microsoft and Google commit $5 million in continued funding for Alpha-Omega. Read more.
May 4, 2023 |
In Blog
Sessions You Won’t Want to Miss at Open Source Summit and OpenSSF Day NA
Open Source Summit North America in Vancouver, Canada is only one week away! Open Source Summit is the premier event for open source developers, technologists, and community leaders to collaborate and further open source innovation, ensuring a sustainable open source ecosystem. During Open Source Summit, we will also be hosting… Read more.
May 3, 2023 |
In Blog
How I Got Involved with the OpenSSF
Let’s get it out of the way early: it’s not always clear how you can best plug into organizations like OpenSSF. That’s why I’m writing this guest blog post as an “outsider.” I’m just your average tech employee who has become progressively more involved since my company, Sonatype, became members… Read more.
May 2, 2023 |
In Blog
Getting to know the Open Source Vulnerability (OSV) format
To keep the modern technological world of open source software safe, it is critical to efficiently and accurately communicate information about open source vulnerabilities. The OSV Schema, created through the collaboration between OpenSSF members and housed within the Vulnerability Disclosures Working Group, provides a minimal, easy-to-use first class JSON format… Read more.