Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
Sep 22, 2025 |
From Beginner to Builder: Your First Code Contribution
Maybe you've used open source before and wondered how it all works, or you're early in your career and heard that open source contributions can boost your growth. Maybe you've witnessed software supply chain attacks and felt an urge to make a difference. Maybe you just started learning about OpenSSF… Read more.
Sep 19, 2025 |
From Ghent to Brussels: OpenSSF’s Week of Policy and Security in Europe
At the end of October, the Linux Foundation, the Linux Foundation Europe and OpenSSF will gather leaders across industry, government, and open source communities for three impactful events in Belgium. Together, these back-to-back gatherings will advance collaboration, shape policy, and highlight the critical role of open source in Europe’s digital… Read more.
Sep 18, 2025 |
In Blog
Improving Risk Management Decisions with SBOM Data: A New Whitepaper from the OpenSSF SBOM Everywhere SIG
SBOMs are becoming part of everyday software practice, but many teams still ask the same question: how do we turn SBOM data into decisions we can trust? Our new whitepaper, “Improving Risk Management Decisions with SBOM Data,” answers that by tying SBOM information to concrete risk-management outcomes across engineering, security,… Read more.
Sep 16, 2025 |
New OpenSSF Guidance on AI Code Assistant Instructions
AI code assistants are powerful tools. They can speed up development, suggest solutions, and help explore alternatives. But they also create security risks, because the results you get depend heavily on what you ask. These systems’ models are trained on vast amounts of code (much of it insecure), they don’t… Read more.
Sep 12, 2025 |
In Blog
Celebrating the Community: OpenSSF at Open Source Summit and OpenSSF Community Day Europe Recap
From August 25 to 28, 2025, the Linux Foundation hosted a high-impact week of open source collaboration and innovation in Amsterdam. OpenSSF’s participation, in both Open Source Summit Europe and OpenSSF Community Day Europe, brought together developers, maintainers, researchers, and policymakers to strengthen software supply chain security and align on… Read more.
Sep 11, 2025 |
Open Source Friday with OpenSSF – Global Cyber Policy Working Group
On August 15, 2025, GitHub’s Open Source Friday series spotlighted the Open Source Security Foundation (OpenSSF) in a live interview hosted by Kevin Crosby. Open Source Friday is GitHub’s weekly program that celebrates the creators, maintainers, and contributors who make the open source community thrive. The session introduced the OpenSSF… Read more.
Sep 11, 2025 |
In Blog
Recap: OpenSSF Community Day India 2025
On August 4, 2025, the OpenSSF hosted its second OpenSSF Community Day India in Hyderabad, co-located with Open Source Summit and KubeCon India. With 232 registrants and standing-room-only attendance, the event brought together open source enthusiasts, security experts, engineers, and students for a full day of learning, collaboration, and networking. Read more.
Sep 5, 2025 |
In Blog
OpenSSF Community Day Korea 2025 Agenda Live!
We’re excited to announce that the agenda for OpenSSF Community Day Korea is now live! Join the community on November 4, 2025, in Seoul, South Korea, co-located with Open Source Summit Korea. Join us for a full day of collaboration, hands-on learning, and future-focused conversations about securing open source software.… Read more.
Aug 28, 2025 |
OpenSSF Celebrates Global Momentum, AI/ML Security Initiatives and Golden Egg Award Winners at Community Day Europe
Foundation honors community achievements and strategic efforts to secure ML pipeline during community event in Amsterdam AMSTERDAM – OpenSSF Community Day Europe – August 28, 2025 – The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), presents… Read more.
Aug 27, 2025 |
Trustify joins GUAC
By Ben Cotton and Dejan Bosanac The superpower of open source is multiple people working together on a common goal. That works for projects, too. GUAC and Trustify are two projects bringing visibility to the software supply chain. Today, they’re combining under the GUAC umbrella. With Red Hat’s contribution of… Read more.