Skip to main content

May 5, 2021 | Carly Driggers

In Blog

Introducing the Security Reviews Initiative

Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group In addition to the Security Metrics initiative, the OpenSSF is proud to announce the Security Reviews initiative. Security Reviews joins a growing list of coordinated efforts spearheaded by the OpenSSF, aimed at securing the open source ecosystem. The… Read more.

May 4, 2021 | Carly Driggers

In Blog

May 2021 Update: OpenSSF Unveils New Security Initiative

The Open Source Security Foundation (OpenSSF) community is working diligently to improve the security of the open source ecosystem. This is no small mission, so we are excited to share all of the work that is happening. In case you missed our recent Town Hall meeting, the resources can be… Read more.

May 3, 2021 | Carly Driggers

In Blog

Introducing the Security Metrics Initiative

Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group The OpenSSF would like to announce the initial release of the Security Metrics initiative. The primary objective of this initiative is to provide valuable decisive information about threats and risks associated with open source projects. Security Metrics comes… Read more.

Apr 14, 2021 | Carly Driggers

In Blog

Upcoming OpenSSF Town Hall on May 3, 2021

The OpenSSF community has been working diligently to improve the security of the open source ecosystem. We would like to share all of the great work that is happening and invite you to participate. We hope to see you at our next OpenSSF Town Hall Meeting on Monday, May 3,… Read more.

Feb 3, 2021 | OpenSSF

In Blog

Upcoming OpenSSF Town Hall on February 22

The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open-source ecosystem. We all know this is no small mission and so we’re taking a moment to report out on all the work that’s happening and invite you to participate.… Read more.

Jan 28, 2021 | OpenSSF

In Blog

January 2021 Update: New Technical Vision Informs Working Group Progress 

The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open source ecosystem. We all know this is no small mission and so we’re taking a moment to report out on all the work that’s happening and invite you to… Read more.

Jan 27, 2021 | OpenSSF

In Blog

Digital Identity Attestation Roundup

Author: Kim Lewandowski, on behalf of the Digital Identity Attestation Working Group We kicked off the first Digital Identity Attestation Working Group meeting under the OpenSSF in August, 2020. The objective of this working group is to enable open source maintainers, contributors and end-users to understand and make decisions on… Read more.

Dec 9, 2020 | OpenSSF

In Blog

Introducing the OpenSSF CVE Benchmark

Author: Bas van SchaikToday, at Black Hat Europe, the Open Source Security Foundation (OpenSSF) unveiled its latest initiative: the OpenSSF CVE Benchmark. The benchmark consists of vulnerable code and metadata for over 200 historical JavaScript/TypeScript vulnerabilities (CVEs). It includes tooling for analyzing the real-world codebases that were affected by these… Read more.

Nov 23, 2020 | OpenSSF

In Blog

OpenSSF Town Hall Recording: Now Available!

The video recording of the Open Source Security Foundation (OpenSSF)  “Public Town Hall” meeting of November 9, 2020 is now available! This meeting shares updates and celebrates accomplishments during the first three months of the OpenSSF. It includes presentations from the OpenSSF Governing Board, Technical Advisory Council, and Working Group… Read more.

Nov 6, 2020 | OpenSSF

In Blog

Security Scorecards for Open Source Projects

Author: Kim Lewandowski, Google Product Manager One of the first things I wanted to do when the OpenSSF launched was help people make better decisions about security when consuming open source projects, and draw more awareness to the health of these critical projects we all depend on. Some might argue… Read more.