Jul 24, 2024 |
In Blog
SOSS Community Day EU Agenda Now Live!
We're thrilled to announce that the agenda for Secure Open Source Software (SOSS) Community Day EU on September 19, 2024, is now live! Join us for a day filled with insightful technical talks, engaging panels, and a hands-on Table Top Exercise (TTX). SOSS Community Day EU will be co-located with… Read more.
Jul 24, 2024 |
In Blog
SOSS Fusion 2024 CFP Results: A Look at Our Diverse and Engaging Program
As the Call for Proposals (CFP) for the Secure Open Source Software (SOSS) Fusion Conference wrapped up, we wanted to share some insights about the submissions that highlight how Fusion will be a premier event in open source security. SOSS Fusion brings together the brightest minds in software development and… Read more.
Jul 23, 2024 |
In Blog
Celebrating Excellence: An Interview with Golden Egg Award Winner Christopher “CRob” Robinson
As we unveiled the Golden Egg Award winners in April during the SOSS Community Day North America, we recognized those who go above and beyond in enriching our community. Today, we spotlight Christopher “CRob” Robinson, the winner of the Golden Egg Award for OpenSSF Community Engagement. CRob has made continuous… Read more.
Jul 19, 2024 |
In Blog
Recognizing Excellence in OSS Community: Golden Egg Award Nominations Are Now Open!
Submitting a nomination is easy! Fill out the nomination form, providing details about the nominee’s contributions and why you believe they deserve the Golden Egg Award. Read more.
Jul 17, 2024 |
In Blog
AI Cyber Challenge (AIxCC) and the Needle Linux Kernel Vulnerability – Part 2
In part 1 we discussed the Artificial Intelligence Cyber Challenge (AIxCC), a two-year competition to create AI systems that find software vulnerabilities and develop fixes to them. We also discussed a specific vulnerability in the Linux kernel, called needle, as an example of the kind of vulnerability we’d like such… Read more.
Jul 17, 2024 |
The Linux Foundation and OpenSSF Release Report on the State of Education in Secure Software Development
Findings show nearly one-third of industry professionals are not familiar with secure software development practices Read more.
Jul 10, 2024 |
In Blog
AI Cyber Challenge (AIxCC) and the Needle Linux Kernel Vulnerability – Part 1
Could artificial intelligence (AI) practically help find and fix vulnerabilities in a scalable way? We don’t know for certain, but there’s hope that it could. In this article, we’ll look at a competition to encourage the development of AI-enabled tools that will automatically find and fix vulnerabilities. By itself, this… Read more.
Jul 8, 2024 |
In Blog
Learn How To Develop Secure Software!
The Open Source Security Foundation (OpenSSF), in partnership with Linux Foundation Training & Certification, offers a free online training course, Developing Secure Software (LFD121). Those who complete the course and pass the final exam will earn a free certificate of completion valid for two years. Read more.
Jul 5, 2024 |
In Blog
Why are Organizations Struggling to Implement Secure Software Development?
The Secure Software Development Education 2024 Survey, conducted through a partnership between the Open Source Security Foundation (OpenSSF) and Linux Foundation (LF) Research, examines the secure software development education needs of professionals in this field. Our results indicate that the need for security awareness and training is one of the top… Read more.
Jul 3, 2024 |
Chainguard Enhances Security With OSV Advisory Feed
In today's rapidly evolving open source ecosystem, managing vulnerabilities efficiently is crucial. To address this,Chainguard is now publishing its security advisory feed in the Open Source Vulnerabilities (OSV) format. This integration aims to simplify vulnerability management and enhance security for users of open source software. Read more.