Aug 11, 2021 |
In Blog
Introducing the Allstar GitHub App
Authors: Mike Maraya, Jeff Mendoza We’re excited to announce Allstar, a GitHub app that provides automated continuous enforcement of security best practices for GitHub projects. With Allstar, owners can check for security policy adherence, set desired enforcement actions, and continuously enact those enforcements when triggered by a setting or file… Read more.
Jul 28, 2021 |
In Blog
July 2021 Update – New members and new resources for Best Practices and Vulnerability Disclosures underway
The Open Source Security Foundation (OpenSSF) community is working diligently to improve the security of the open source ecosystem. This is no small mission, so we are excited to share all of the work that is happening. In case you missed our recent Town Hall meeting, the resources can be… Read more.
May 14, 2021 |
In Blog
How LF communities enable security measures required by the US Executive Order on Cybersecurity
Our communities take security seriously and have been instrumental in creating the tools and standards that every organization needs to comply with the recent US Executive Order Overview The US White House recently released its Executive Order (EO) on Improving the Nation’s Cybersecurity (along with a press call) to counter “persistent and increasingly… Read more.
May 5, 2021 |
In Blog
Introducing the Security Reviews Initiative
Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group In addition to the Security Metrics initiative, the OpenSSF is proud to announce the Security Reviews initiative. Security Reviews joins a growing list of coordinated efforts spearheaded by the OpenSSF, aimed at securing the open source ecosystem. The… Read more.
May 4, 2021 |
In Blog
May 2021 Update: OpenSSF Unveils New Security Initiative
The Open Source Security Foundation (OpenSSF) community is working diligently to improve the security of the open source ecosystem. This is no small mission, so we are excited to share all of the work that is happening. In case you missed our recent Town Hall meeting, the resources can be… Read more.
May 3, 2021 |
In Blog
Introducing the Security Metrics Initiative
Author: Michael Scovetta, on behalf of the Identifying Security Threats Working Group The OpenSSF would like to announce the initial release of the Security Metrics initiative. The primary objective of this initiative is to provide valuable decisive information about threats and risks associated with open source projects. Security Metrics comes… Read more.
Apr 14, 2021 |
In Blog
Upcoming OpenSSF Town Hall on May 3, 2021
The OpenSSF community has been working diligently to improve the security of the open source ecosystem. We would like to share all of the great work that is happening and invite you to participate. We hope to see you at our next OpenSSF Town Hall Meeting on Monday, May 3,… Read more.
Feb 3, 2021 |
In Blog
Upcoming OpenSSF Town Hall on February 22
The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open-source ecosystem. We all know this is no small mission and so we’re taking a moment to report out on all the work that’s happening and invite you to participate.… Read more.
Jan 28, 2021 |
In Blog
January 2021 Update: New Technical Vision Informs Working Group Progress
The OpenSSF community has been working fast and furious since its formation last year to improve the security of the open source ecosystem. We all know this is no small mission and so we’re taking a moment to report out on all the work that’s happening and invite you to… Read more.
Jan 27, 2021 |
In Blog
Digital Identity Attestation Roundup
Author: Kim Lewandowski, on behalf of the Digital Identity Attestation Working Group We kicked off the first Digital Identity Attestation Working Group meeting under the OpenSSF in August, 2020. The objective of this working group is to enable open source maintainers, contributors and end-users to understand and make decisions on… Read more.