Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
Mar 20, 2024 |
Sigstore Graduates: A Monumental Step Towards Secure Software Supply Chains
Supply chain security took a giant leap forward this month as Sigstore officially became a graduated project within the Open Source Security Foundation (OpenSSF). This milestone is a testament to Sigstore's maturity, adoption, and its undeniable impact on making the creation and distribution of software more trustworthy. Read more.
Mar 19, 2024 |
In Blog
Join OpenSSF for our First Tabletop Exercise (TTX) at SOSS Community Day North America
We're excited to announce the agenda for the Tabletop Exercise (TTX) at Secure Open Source Software (SOSS) Community Day NA in now live which will take place on April 15, 2024 in Seattle, WA.Ā Read more.
Mar 19, 2024 |
In Blog
How OpenSSF Technical Initiatives Can Receive Strategic Funding
The OpenSSF is pleased to announce an exciting new process that will help connect impactful Technical Initiatives (TIs) with strategic funding. The OpenSSF Technical Advisory Council and Governing Board have defined a process by which OpenSSF TIās can apply for funding and weāre confident that unlocking this new process will… Read more.
Mar 18, 2024 |
In Blog
OpenSSF Releases Plan for Improving Software Developer Security Education
The Open Source Security Foundation (OpenSSF) has just released its 2024 plan to improve software developer education, titled āPlan for Improving Software Developer Security Educationā. This is the plan the OpenSSF Education Special Interest Group (SIG) intends to follow this year. Read more.
Mar 15, 2024 |
In Blog
The India Initiative: An OpenSSF Awareness Program for a Secure Future
India's reputation as the hub of software engineering and open source contributions is undeniable. In recognizing secure open source software as a public good, we eagerly anticipate collaborating with our vibrant Indian community to ensure that open source software remains a secure and accessible resource for all Read more.
Mar 14, 2024 |
In Blog
OpenSSF Marketing Advisory Council Aims to Shape the Future of Open Source Security Advocacy
The OpenSSF is pleased to announce the Marketing Advisory Council, a benefit for OpenSSF Premier, General, and Associate members. Are you passionate about reaching developers regarding the importance of open source security? Do you thrive on collaborative efforts to promote industry visibility and outreach and work at a member company… Read more.
Mar 11, 2024 |
In Blog
Participate in Our Survey on Secure Software Development Education!
Calling all cybersecurity enthusiasts! We are reaching out to you on behalf of Linux Foundation Research and the Open Source Security Foundation to invite you to participate in a significant survey aimed at enhancing secure software development education. Your insights will provide valuable guidance in shaping the future of security… Read more.
Mar 7, 2024 |
In Blog
OpenSSF and CISA Join Forces to Secure Open Source Software
In today's dynamic technological landscape, open source software (OSS) holds a crucial position. An average of 77%-90% of any given piece of modern software is OSS. Recognizing its significance, the US Cybersecurity and Infrastructure Security Agency (CISA) recently concluded a two-day Open Source Software (OSS) Security Summit in March 2024,… Read more.
Mar 7, 2024 |
In Blog
Graph for Understanding Artifact Composition (GUAC): Joins OpenSSF as Incubating Project
The Graph for Understanding Artifact Composition (GUAC) maintainers are pleased to announce the project has joined the Open Source Security Foundation (OpenSSF) as an Incubating Project. GUAC is an open source supply chain security project that provides dependency management and actionable insights into the security of software supply chains. GUAC… Read more.
Mar 5, 2024 |
In Blog
OpenSSF Scorecard: Evaluating and Improving the Health of Critical OSS Projects
OpenSSF Scorecard is a way for maintainers and users of open source projects to better understand the security of a given project. Maintainers can get feedback on the security of their project, and suggestions on how to make it more secure. Users of open source software can use Scorecard results… Read more.