Skip to main content

📣 Submit your proposal: OpenSSF Community Day Korea | Open Source SecurityCon

OpenSSF Blog

Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.

SLSA Survey

Mar 15, 2023 | OpenSSF

New SLSA++ Survey Reveals Real-World Developer Approaches to Software Supply Chain Security

Answering even basic questions about software supply chain security has been surprisingly hard. For instance, how widespread are the different practices associated with software supply chain security? And do software professionals view these practices as useful or not? Easy or hard? To help answer these and related questions, Chainguard, the… Read more.
OpenSSF SLSA 1.0 Release Candidate

Mar 9, 2023 | OpenSSF

In Blog

Draft Version 1.0 of SLSA Open for Comments

Supply-chain Levels for Software Artifacts (SLSA, pronounced “salsa”) is an OpenSSF project that provides specifications for software supply chain security, established by industry consensus. SLSA’s framework is organized into a series of levels that describe increasing security rigor. Version 0.1 of the SLSA specification has been out for some time.… Read more.
Open Source Policy Network

Mar 8, 2023 | OpenSSF

Why Open Source is Infrastructure, and Why it Matters

A new report by the Atlantic Council’s Cyber Statecraft Initiative helps draw light on the question on what "open source as infrastructure" really means, and why it matters: Avoiding the success trap: Toward policy for open-source software as infrastructure. Read more.
OpenSSF Welcomes New Members March 2023

Mar 7, 2023 | OpenSSF

OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security

The Open Source Security Foundation (OpenSSF) welcomes eight new members from leading technology firms. The total number of OpenSSF members is currently over 100 and organization membership saw an 88% growth in 2022 from a variety of different sectors. New OpenSSF general member commitments include those from Amesto Fortytwo, Code… Read more.

Mar 2, 2023 | OpenSSF

How to Make High-Quality SBOMs

The widespread use of software bill of materials (SBOMs) arguably depends on SBOM quality—that SBOMs contain sufficient and accurate information for the intended user to achieve their goals. But, until recently, it has been difficult to measure SBOM quality. New SBOM quality tools, a new SBOM dataset, and new SBOM… Read more.
OpenSSF Town Hall

Feb 22, 2023 | jbly

In Blog

See you at the next OpenSSF Town Hall on March 16th

Are you interested in addressing open source software (OSS) security risk? Software Bill of Materials (SBOMs)? Diversity, Equity, and Inclusion (DEI) in OSS security? If so, plan to join us at our next OpenSSF Town Hall on Thursday, March 16th at 10 AM US/Pacific Time. During this virtual town hall,… Read more.
Open Source Security Meetup, Hong Kong, March 1, 2023

Feb 21, 2023 | OpenSSF

In Blog

Inaugural OpenSSF Hong Kong Meetup on March 1

We’re delighted to announce the first-ever Open Source Security Foundation (OpenSSF) Meetup in Hong Kong! Whether you’re a member of technical staff or a business executive, if you want to hear the latest on the pressing challenges and leading initiatives in OSS security – please join us. All are welcome. Read more.
OpenSSF Board Welcome 2023

Feb 17, 2023 | jbly

In Blog

Congratulations to Newly Elected OpenSSF Governing Board Members

We are excited to welcome newly elected Governing Board members of the OpenSSF: Tracy Miranda from Chainguard, Duane O'Brien from Indeed, and Stephen Chin from JFrog. The OpenSSF Governing Board is responsible for overall management of the OpenSSF, including approving major decisions, managing the budget, and establishing advisory bodies or… Read more.
OpenSSF Day - May 10, 2023 - Vancouver

Feb 16, 2023 | jbly

In Blog

OpenSSF Day at Open Source Summit North America Call for Proposals

We’re pleased to announce we are hosting OpenSSF Day at Open Source Summit North America on Wednesday, May 10th and the call for proposals is now open. The full day program will feature keynotes from Open Source Security Foundation (OpenSSF) contributors and thought leaders. This is your chance to meet fellow… Read more.
Spotlight on Vincent Danen, Vice President of Product Security, Red Hat

Feb 14, 2023 | jbly

In Blog

Spotlight on OpenSSF Board Member: Vincent Danen, Vice President of Product Security, Red Hat

Join us for a conversation with OpenSSF Board Member, Vincent Danen. In this series, we are shining the spotlight on individuals who play a pivotal leadership role in setting the course for how we secure the open source software supply chain. Read more.