
OpenSSF Blog



Dec 8, 2022 | OpenSSF

In Blog

Apples and apples? Comparing Approaches to Measuring Criticality and Risk at the OpenSSF

Presenting a comparative study of the different approaches used to measure criticality and risk by a set of OpenSSF projects. Criticality is the measure of how important a package is across the global software ecosystem based on how many packages depend upon it. By combining criticality with the measure of…

Dec 4, 2022 | OpenSSF

OpenSSF Membership Exceeds 100 with Many New Members Dedicated to Securing Open Source Software

The Open Source Security Foundation (OpenSSF) announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform as a service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members over one hundred.

Dec 4, 2022 | OpenSSF

In Blog

Free OpenSSF Developing Secure Software Training Course Now Available in Japanese

The Linux Foundation Training & Certification team, in partnership with the Open Source Software Foundation (OpenSSF), is pleased to announce the launch of one of our most popular training courses translated into Japanese - Developing Secure Software (LFD121).

Dec 1, 2022 | jbly

In Blog

Join Us For OpenSSF Day at Open Source Summit Japan

After two successful OpenSSF Days this year at Open Source Summit North America and Europe, we’re excited for our third and final OpenSSF Day of 2022 at Open Source Summit Japan on Monday, December 5th in Yokohama and online.

Nov 22, 2022 | jbly

In Blog

Contributor Q&A with Christopher “CRob” Robinson, Director of Security Communications, Intel Corporation

Meet Christopher "CRob" Robinson, Director of Security Communications, Intel Corporation. Working Group (WG) & Special Interest Group (SIG) facilitator, Technical Advisory Council (TAC) member, Committee member (Governance, Public Policy), Project(s) individual contributor, and Goose-hat wearer.

Nov 16, 2022 | OpenSSF

In Blog

OpenSSF Expands Supply Chain Integrity Efforts with S2C2F

A robust strategy around securing how developers consume and manage open source software (OSS) dependencies when building software is essential. The Secure Supply Chain Consumption Framework (S2C2F) is a consumption-focused/consumer-focused framework that uses a threat-based, risk-reduction approach to mitigate real world threats in Open Source Software (OSS). Today, we are…

Nov 15, 2022 | OpenSSF

In Blog

SigstoreCon Highlights

In the Motor City, the community hosted the first-ever Sigstore event, SigstoreCon, in co-location with KubeCon + CloudNativeCon North America. Event highlights included the announcement of Sigstore general availability, an awards ceremony, engaging talks, and the introduction of a Sigstore Landscape. If you missed out, the session recordings are now available.

Nov 9, 2022 | jbly

In Blog

Meet a Maintainer: Naveen Srinivasan, Software Engineer, Endor Labs

Meet Naveen Srinivasan, Software Engineer, Endor Labs. Maintainers play a vital role in the OpenSSF. Naveen is a software engineer at Endor Labs. He was awarded the Google Open Source Peer Bonus Award in 2021 and 2022 for his contributions to Open Source Software (OSS). He maintains a few OSS…

Nov 1, 2022 | jbly

In Blog

Meet a Maintainer: Luke Hinds, Security Engineering Lead, OCTO, Red Hat

Meet Luke Hinds, Security Engineering Lead, OCTO, Red Hat. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we'll be…

Oct 25, 2022 | OpenSSF

Sigstore Announces General Availability at SigstoreCon

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification. Sigstore provides a set of tools designed to improve supply chain security by making it easy to sign, verify and…