Announcing the OpenSSF Vulnerability Disclosure WG guide to disclosure for OSS projects
Authors: Anne Bertucio, Christopher Robinson, David Wheeler, OpenSSF Vulnerability Disclosure WG members https://github.com/ossf/oss-vulnerability-guide/blob/main/guide.md Vulnerability disclosure is the process of reporting, remediating, and communicating the details of a discovered vulnerability. This…
Read More
Introducing the Allstar GitHub App
Authors: Mike Maraya, Jeff Mendoza We’re excited to announce Allstar, a GitHub app that provides automated continuous enforcement of security best practices for GitHub projects. With Allstar, owners can check…
Read More
July 2021 Update – New members and new resources for Best Practices and Vulnerability Disclosures underway
The Open Source Security Foundation (OpenSSF) community is working diligently to improve the security of the open source ecosystem. This is no small mission, so we are excited to share…
Read More
How LF communities enable security measures required by the US Executive Order on Cybersecurity
Our communities take security seriously and have been instrumental in creating the tools and standards that every organization needs to comply with the recent US Executive Order Overview The US…
Read More
Introducing the Security Reviews Initiative
Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group In addition to the Security Metrics initiative, the OpenSSF is proud to announce the Security Reviews initiative. Security…
Read More
May 2021 Update: OpenSSF Unveils New Security Initiative
The Open Source Security Foundation (OpenSSF) community is working diligently to improve the security of the open source ecosystem. This is no small mission, so we are excited to share…
Read More
Introducing the Security Metrics Initiative
Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group The OpenSSF would like to announce the initial release of the Security Metrics initiative. The primary objective of…
Read More
Upcoming OpenSSF Town Hall on May 3, 2021
The OpenSSF community has been working diligently to improve the security of the open source ecosystem. We would like to share all of the great work that is happening and…
Read More
Upcoming OpenSSF Town Hall on February 22
The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open-source ecosystem. We all know this is no small mission…
Read More
January 2021 Update: New Technical Vision Informs Working Group Progress
The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open source ecosystem. We all know this is no small…
Read More
Digital Identity Attestation Roundup
Author: Kim Lewandowski, on behalf of the Digital Identity Attestation Working Group We kicked off the first Digital Identity Attestation Working Group meeting under the OpenSSF in August, 2020. The…
Read More
Introducing the OpenSSF CVE Benchmark
Author: Bas van SchaikToday, at Black Hat Europe, the Open Source Security Foundation (OpenSSF) unveiled its latest initiative: the OpenSSF CVE Benchmark. The benchmark consists of vulnerable code and metadata…
Read More
OpenSSF Town Hall Recording: Now Available!
The video recording of the Open Source Security Foundation (OpenSSF) “Public Town Hall” meeting of November 9, 2020 is now available! This meeting shares updates and celebrates accomplishments during the…
Read More
Security Scorecards for Open Source Projects
Author: Kim Lewandowski, Google Product Manager One of the first things I wanted to do when the OpenSSF launched was help people make better decisions about security when consuming open…
Read More
Announcing: Secure Software Development EdX course, Sign Up Today!
The Open Source Security Foundation (OpenSSF) has developed a trio of free courses on how to develop secure software. These courses are part of the Secure Software Development Fundamentals Professional…
Read More
OpenSSF Public Town Hall – November 9 2020, 10am Pacific
Please join us for the first-ever OpenSSF Town Hall Meeting on November 9, 2020 from 10 AM to 12 PM Pacific Time (US and Canada). In this meeting, we will…
Read More
OpenSSF seeks Security Community Individual Representative for Governing Board
The Open Source Security Foundation (OpenSSF) is accepting nominations for the Security Community Individual Representative seat on our Governing Board. The nomination period is open until October 23 2020, after…
Read More