Skip to main content

📣 Submit your proposal: OpenSSF Community Day Korea | Open Source SecurityCon

OpenSSF Blog

Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.

Manage how you protect your assets at scale with SBOMs

Jul 21, 2023 | OpenSSF

Manage how you protect your assets at scale with SBOMs

While many in the industry realize the value of having a software bill of materials, creators still need to generate high-fidelity SBOMs, and software consumers must ingest and enforce actions based on a given SBOM for it to be a useful endeavor. Otherwise, we’re just adding more to the pile… Read more.
OpenSSF Fuzz Introspector

Jul 20, 2023 | OpenSSF

Fuzz Introspector: optimizing fuzzing workflows

Fuzz Introspector is an open source tool that at its core provides insights and suggestions for improvements on how a given project is being fuzzed. In this blog post we present background information and updates on Fuzz Introspector, which is developed in a collaboration between OpenSSF and Google’s OSS-Fuzz. Read more.
OpenSSF Day EU Agenda Live

Jul 19, 2023 | jbly

In Blog

OpenSSF Day Europe Agenda Now Live

The OpenSSF Day Europe agenda is now live! We will be hosting a full day of interesting session presentations, panels, and lightning talks on September 18th, colocated with Open Source Summit Europe in Bilbao, Spain. Plan to join us to discuss the latest and greatest in ongoing efforts to secure… Read more.

Jun 30, 2023 | OpenSSF

In Blog

SBOM Everywhere and the Security Tooling Working Group: Providing the Best Security Tools for Open Source Developers

This month, we present a spotlight on the SBOM Everywhere initiative, housed under the OpenSSF Security Tooling Working Group. The mission of the Security Tooling Working Group is to identify, evaluate, improve, develop & ease deployment of universally-accessible, developer focused tooling to help the open source community secure their code. Read more.
Python Software Foundation Alpha Omega Welcome New PSF Security Developer in Residence

Jun 22, 2023 | OpenSSF

PSF Welcomes New Security Developer in Residence with Support from Alpha-Omega

Through funding by the OpenSSF’s Alpha-Omega Project, the Python Software Foundation (PSF) has hired a new security developer in residence as part of a year-long security enhancement initiative. PSF announced their intention to fill this role back in January, and after a thorough search, they have chosen Seth Michael Larson! Read more.
OpenSSF Why SBOM Generators Need to Accurately Represent Open Source Licenses

Jun 20, 2023 | OpenSSF

Why SBOM Generators Need to Accurately Represent Open Source Licenses

SBOMs enable organizations to identify vulnerabilities, track open-source usage, and ensure compliance with numerous licensing obligations. Having a “single source of truth” for security and licensing information helps everyone. Let’s take a look at why SBOM Generators need to accurately represent Open Source Licenses. Read more.
OpenSSF Day EU CFP is Open Now

Jun 7, 2023 | jbly

In Blog

OpenSSF Day at Open Source Summit Europe: Call for Proposals Now Open

We’re pleased to announce we are hosting OpenSSF Day at Open Source Summit Europe on Monday, September 18th and the call for proposals is now open. The full day program will feature keynotes from Open Source Security Foundation (OpenSSF) contributors and thought leaders. This is your chance to meet fellow open… Read more.

May 31, 2023 | OpenSSF

In Blog

OpenSSF Supply Chain Integrity Working Group Provides Security Guidance, Practical Frameworks, and Tools

Within the OpenSSF Supply Chain Integrity Working Group (SCI WG), we’re hosting a global community of individuals and organizations collaborating on scalable standardized attestable practices for supply chain security. Along the way we’re developing a shared vocabulary for the industry, a common problem model, and uniform frameworks spanning languages and… Read more.
OpenSSF Meetup Singapore

May 30, 2023 | OpenSSF

In Blog

Inaugural Open Source Security Singapore Meetup

We’re delighted to invite you to Singapore’s inaugural Open Source Security Foundation (OpenSSF) Meetup on the evening of Thursday, the 8th of June at the AWS Singapore Office to discuss how we can address cybersecurity challenges locally and globally. Read more.
Omkhar Arasaratnam OpenSSF GM

May 30, 2023 | jbly

In Blog

Meet New OpenSSF GM Omkhar Arasaratnam

Join us for a conversation with new OpenSSF General Manager, Omkhar Arasaratnam, veteran cybersecurity and technical risk management executive with more than 25 years of experience leading global organizations. In this Q&A, Omkhar covers everything from the challenges he foresees in his role to what he thinks is the most… Read more.