Skip to main content
kubecon cloudnativecon 2022

Nov 15, 2022 | OpenSSF

In Blog

SigstoreCon Highlights

In the motor city, the community hosted the first-ever Sigstore event, SigstoreCon, in co-location with KubeCon + CloudNativeCon North America. Event highlights included the announcement of Sigstore general availability, an awards ceremony, engaging talks, and introduction of a Sigstore Landscape. If you missed out, the session recordings are now available. Read more.

Nov 9, 2022 | jbly

In Blog

Meet a Maintainer: Naveen Srinivasan, Software Engineer, Endor Labs

Meet Naveen Srinivasan, Software Engineer, Endor Labs. Maintainers play a vital role in the OpenSSF. Naveen is a software engineer at Endor Labs. He was awarded the Google Open Source Peer Bonus Award in 2021 and 2022 for his contributions to Open Source Software (OSS). He maintains a few OSS… Read more.
Luke Hinds Security Engineering Lead OCTO Red Hat Meet a Maintainer

Nov 1, 2022 | jbly

In Blog

Meet a Maintainer: Luke Hinds, Security Engineering Lead, OCTO, Red Hat

Meet Luke Hinds, Security Engineering Lead, OCTO, Red Hat. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we'll be… Read more.
Sigstore logo

Oct 25, 2022 | OpenSSF

Sigstore Announces General Availability at SigstoreCon

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification. Sigstore provides a set of tools designed to improve supply chain security by making it easy to sign, verify and… Read more.
OpenJS jQuery OpenSSF Alpha Omega

Oct 24, 2022 | amartin

OpenSSF Project Alpha-Omega Invests in the OpenJS Foundation and jQuery to Help Secure the Consumer Web

Today, we’re excited to share that the Open Source Security Foundation (OpenSSF) Project Alpha-Omega is committing $350,000 to reduce potential security incidents for jQuery by helping modernize its consumers and its code. Read more.
state of the software supply chain sonatype

Oct 20, 2022 | OpenSSF

In Blog

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's security and the security of the open source projects that depend on them. Dependency management is critical, because Sonatype’s research… Read more.
QA Contributor Melba Lopez IBM

Oct 19, 2022 | jbly

In Blog

Contributor Q&A with Melba Lopez, STSM – Supply Chain Security, IBM

Meet Melba Lopez, STSM - Supply Chain Security, IBM. Contributors play an important role in the OpenSSF and the Linux Foundation, so we want to give you a chance to meet some of the amazing individuals in the open source software (OSS) security community. Over the next few weeks we’ll… Read more.
MEET A MAINTAINER Priya Wadhwa Chainguard

Oct 12, 2022 | jbly

In Blog

Meet a Maintainer: Q&A with Priya Wadhwa, Software Engineer, Chainguard

Meet Priya Wadhwa, Software Engineer, Chainguard. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we'll be featuring maintainers and… Read more.
Critical Infrastructure Security Summit OpenSSF

Oct 11, 2022 | David Wheeler

In Blog

Securing Open Source Software is Securing Critical Infrastructure

Securing critical OSS components and infrastructure is an important part of securing critical infrastructure. When we consider open source critical infrastructure we must keep in mind that not all OSS is equally important, but some OSS (& its supporting infrastructure) are very critical. Several initiatives are underway at the OpenSSF… Read more.

Oct 10, 2022 | OpenSSF

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to discuss the challenges that exist around security and open source over time. Read more.