OpenSSF Blog
Aug 14, 2025
Case Study: How LFX Insights and OSPS Baseline Validated GUAC’s Security in Under an Hour
Tools: GUAC, OSPS Baseline, LFX Insights
Challenge: Demonstrating strong security posture quickly and credibly to stakeholders
Solution: Leveraging Linux Foundation Insights (LFX Insights) and the Open Source Security Foundation (OpenSSF) Open Source Project Security Baseline (OSPS Baseline) for instant, standards-aligned validation
Result: Saved significant time in verifying security practices, completing… Read more.
Aug 14, 2025
OpenSSF at Black Hat USA 2025 & DEF CON 33: AIxCC Highlights, Big Wins, and the Future of Securing Open Source
The Open Source Security Foundation (OpenSSF) marked a strong presence at two cornerstone cybersecurity events, Black Hat USA 2025 and DEF CON 33, engaging with security leaders, showcasing our initiatives, and fostering collaboration to advance open source security. Read more.
Aug 12, 2025
Securing AI: The Next Cybersecurity Battleground
The AI wave is here, and it’s only getting bigger. According to a recent report from McKinsey, “over the next three years, 92 percent of companies plan to increase their AI investments.” As this AI wave washes over almost every industry and is integrated deeply and extensively into critical and… Read more.
Aug 8, 2025
From Beginner to Builder: Understanding OpenSSF Community and Working Groups
The Open Source Security Foundation (OpenSSF) serves as the global hub for collaborative work on securing the software supply chain. Whether you’re an open-source maintainer, a security engineer, a student, or someone passionate about public digital infrastructure, OpenSSF invites you to participate. There are no gatekeepers, no matter where you… Read more.
Aug 6, 2025
OpenSSF at DEF CON 33: AI Cyber Challenge (AIxCC), MLSecOps, and Securing Critical Infrastructure
By Jeff Diecks The OpenSSF team will be attending DEF CON 33, where the winners of the AI Cyber Challenge (AIxCC) will be announced. We will also host a panel discussion at the AIxCC village to introduce the concept of MLSecOps. AIxCC, led by DARPA and ARPA-H, is a two-year… Read more.
Aug 5, 2025
Visualizing Secure MLOps (MLSecOps): A Practical Guide for Building Robust AI/ML Pipeline Security
By Sarah Evans and Andrey Shorov The world of technology is constantly evolving, and with the rise of Artificial Intelligence (AI) and Machine Learning (ML), the demand for robust security measures has become more critical than ever. As organizations rush to deploy AI solutions, the gap between ML innovation and… Read more.
Aug 1, 2025
🎉 Celebrating Five Years of OpenSSF: A Journey Through Open Source Security
August 2025 marks five years since the official formation of the Open Source Security Foundation (OpenSSF). Born out of a critical need to secure the software supply chains and open source ecosystems powering global technology infrastructure, OpenSSF quickly emerged as a community-driven leader in open source security. "OpenSSF was founded… Read more.
Jul 31, 2025
Speaking, Volunteering, Parenting, and Exploring Nature — My Week at OSS Summit NA 2025
Earlier this summer, Eman Abu Ishgair had the privilege of attending the Open Source Summit North America 2025 in Denver — one of the largest gatherings of open source contributors, maintainers, researchers, and advocates. Even more exciting: I participated as a speaker, volunteer, and a new community member during the… Read more.
Jul 23, 2025
Case Study: Google Secures Machine Learning Models with sigstore
As machine learning (ML) evolves at lightning speed, so do the threats. The rise of large models like LLMs has accelerated innovation—but also introduced serious vulnerabilities. Data poisoning, model tampering, and unverifiable origins are not theoretical—they’re real risks that impact the entire ML supply chain. Model hubs, platforms for data… Read more.
Jul 21, 2025
Building India’s Open Source Security Community: Join Us in Hyderabad!
At the Open Source Security Foundation (OpenSSF), our mission to secure open source software is global—and nowhere is this more vital than in India, home to one of the largest and fastest-growing developer populations in the world. As open source contributions surge across the subcontinent, so too must awareness of… Read more.