Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
Aug 1, 2025 |
In Blog
🎉 Celebrating Five Years of OpenSSF: A Journey Through Open Source Security
August 2025 marks five years since the official formation of the Open Source Security Foundation (OpenSSF). Born out of a critical need to secure the software supply chains and open source ecosystems powering global technology infrastructure, OpenSSF quickly emerged as a community-driven leader in open source security. "OpenSSF was founded… Read more.
Jul 31, 2025 |
Speaking, Volunteering, Parenting, and Exploring Nature — My Week at OSS Summit NA 2025
Earlier this summer, Eman Abu Ishgair had the privilege of attending the Open Source Summit North America 2025 in Denver — one of the largest gatherings of open source contributors, maintainers, researchers, and advocates. Even more exciting: I participated as a speaker, volunteer, and a new community member during the… Read more.
Jul 23, 2025 |
Case Study: Google Secures Machine Learning Models with sigstore
As machine learning (ML) evolves at lightning speed, so do the threats. The rise of large models like LLMs has accelerated innovation—but also introduced serious vulnerabilities. Data poisoning, model tampering, and unverifiable origins are not theoretical—they’re real risks that impact the entire ML supply chain. Model hubs, platforms for data… Read more.
Jul 21, 2025 |
In Blog
Building India’s Open Source Security Community: Join Us in Hyderabad!
At the Open Source Security Foundation (OpenSSF), our mission to secure open source software is global—and nowhere is this more vital than in India, home to one of the largest and fastest-growing developer populations in the world. As open source contributions surge across the subcontinent, so too must awareness of… Read more.
Jul 15, 2025 |
New: Cyber Resilience Act (CRA) Brief Guide for OSS Developers
Specialized software, such as software in medical devices, has been regulated for years. But laws on specialized software affected very few developers. The European Union (EU) Cyber Resilience Act (CRA) is fundamentally different. Read more.
Jul 14, 2025 |
In Blog
Recap: OpenSSF Community Day North America 2025
OpenSSF Community Day North America 2025 brought together contributors and stakeholders from across the open source security ecosystem for a full day of exchange, discussion, and collaboration. Held alongside Open Source Summit in Denver, the event featured over 25 sessions, Lightning Talks, and a live Table-Top Exercise (TTX) — drawing… Read more.
Jul 8, 2025 |
In Blog
Recap: OpenSSF Community Day Japan 2025
OpenSSF Community Day Japan returned to Tokyo for its third consecutive year in 2025, bringing together a diverse group of developers, researchers, government representatives, and industry experts to focus on securing the open source ecosystem. Read more.
Jun 27, 2025 |
In Blog
On-Demand Webinar: Cybersecurity Skills, Simplified
A Framework That Works Cybersecurity isn’t just the responsibility of a dedicated team anymore. Whether you’re an engineer, a product owner, or part of the executive suite, your day-to-day decisions have a direct impact on your organization’s security. That was the clear message from the expert panel featured in our… Read more.
Jun 27, 2025 |
In Blog
OpenSSF at UN Open Source Week 2025: Securing the Supply Chain Through Global Collaboration
OpenSSF participated in the 2025 UN Open Source Week, a global gathering of participants hosted by the United Nations Office for Digital and Emerging Technologies, focused on harnessing open source innovation to achieve the Sustainable Development Goals (SDGs). Held in New York City, the event gathered technology leaders, policymakers, and… Read more.
Jun 26, 2025 |
OpenSSF Welcomes New Members and Presents Golden Egg Award
Foundation furthers mission to enhance the security of open source software DENVER – OpenSSF Community Day North America – June 26, 2025 – The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), welcomes six new members from… Read more.