Skip to main content

📣 Submit your proposal: OpenSSF Community Day Korea

OpenSSF Blog

Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.

Oct 10, 2022 | OpenSSF

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to discuss the challenges that exist around security and open source over time. Read more.
Azeem Shaikh, Senior Software Engineer, Google

Oct 5, 2022 | jbly

In Blog

New Meet a Maintainer Series: Q&A with Azeem Shaikh, Senior Software Engineer, Google

Meet Azeem Shaikh, Senior Software Engineer, Google. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we’ll be featuring maintainers… Read more.
OSPOs Todo Group and OpenSSF

Sep 29, 2022 | OpenSSF

In Blog

How OSPOs Can Be a Key Lever for Open Source Sustainability and Security

A well-designed Open Source Program Office (OSPO), when present, is the center of competency for an organization’s open source operations and structure. Here are a dozen ways OSPOs can be a key lever for open source sustainability & security in your organizations. Read more.
OpenSSF Day EU

Sep 28, 2022 | jbly

In Blog

OpenSSF Day at Open Source Summit Europe Highlights

Along the River Liffey in Dublin, Ireland we hosted OpenSSF Day EU at the Open Source Summit Europe earlier this month where community members gathered together to discuss the challenges, big-picture solutions, ongoing work and successes in securing the open source software (OSS) supply chain. Read more.
securing open source software act of 2022

Sep 27, 2022 | OpenSSF

In Blog

The United States Securing Open Source Software Act: What You Need to Know 

The Securing Open Source Software Act is in response to the Log4Shell vulnerability discovered in late November 2021. What is the Securing Open Source Software Act about? On 21st September 2022, U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), Chairman and Ranking Member of the Senate Homeland Security and… Read more.
SigstoreCon North America

Sep 27, 2022 | OpenSSF

First-Ever SigstoreCon at KubeCon + CloudNativeCon North America 2022

This year SigstoreCon will be hosted for the first time! The one-day event will take place on October 25, in Detroit Michigan, in co-location with KubeCon + CloudNativeCon North America. SigstoreCon aims to help accelerate how you secure your software supply chain. The great news is that this is a… Read more.
SPDX OpenSSF SBOM Everywhere

Sep 13, 2022 | OpenSSF

In Blog

Funding Python SPDX Development with the OpenSSF and SBOM Everywhere

SBOM Everywhere, as the name suggests, is working towards bringing SBOMs to all of open source in a way that is non disruptive. The first effort of the SBOM Everywhere project was to create a plan that enabled the OpenSSF to fund work on the SDPX Python library. We are… Read more.
OpenSSF CVD Guide for Finders

Sep 13, 2022 | OpenSSF

In Blog

Coordination is Key! The OpenSSF’s CVD Guide for Finders

The Vulnerability Disclosures Working Group is proud to unveil the next evolution in improving open source coordination of vulnerability disclosures by crafting a new guide focused on the Security researcher or Finder persona. The newly published Guidance for Security Researchers to Coordinate Vulnerability Disclosures with Open Source Software Projects provides… Read more.
Concise Guides OpenSSF - Developing More Secure Software Evaluating Open Source Software

Sep 13, 2022 | OpenSSF

In Blog

Introducing New Concise Guides for Developing More Secure Software and Evaluating Open Source Software

In response to the growing concern around open source software development, OpenSSF’s Best Practices for Open Source Developers Working Group (WG) has been diligently working with concerned members and community groups on a couple of new guides for developers and consumers of open source. Read more.
Alpha-Omega Project

Sep 13, 2022 | OpenSSF

Alpha-Omega Project Announces Over $1.5M in Grants to Critical Open Source Projects and New Omega Analysis Toolchain

As part of the OpenSSF’s continued investment in critical open-source projects, we are happy to announce new partnerships and tooling from the Alpha-Omega Project. Alpha-Omega will sponsor critical security work with a $460K grant to the Rust Foundation. This work expands on funding previously announced earlier this year, bringing our… Read more.