The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024. It covers many types of devices and applications that are either sold or otherwise made commercially available on the European market and the intention behind…
We’re thrilled to announce that the Call for Proposals is now open for Open Source SecurityCon, a brand new event hosted by OpenSSF and CNCF, taking place on November 10, 2025, in Atlanta, Georgia.
Ericsson, a global leader in telecommunications and networking, has been deeply engaged in open source and software security for over a decade. Through its Open Source Program Office (OSPO), Ericsson...
New Customizable Global Framework Aligns IT Job Roles with Practical Cybersecurity Skills SAN FRANCISCO, CA – May 14, 2025 – The Linux Foundation, the nonprofit organization enabling mass innovation through...
Submit your proposal by 26 May, 2025 to Join the Conversation on Open Source Security. The Open Source Security Foundation (OpenSSF) invites you to be part of our upcoming OpenSSF Community Day Europe, happening on Thursday, 28 August in Amsterdam, Netherlands and co-located with Open Source Summit EU! This event brings together contributors, maintainers, practitioners,…
Hands-on experience and contributions to open source software (OSS) projects are a major advantage for obtaining a job in software engineering (SWE) and/or cybersecurity. At the same time, mentoring and coaching experiences are increasingly viewed as important leadership skills in tech jobs. Programs like the LFX Mentorship are one way to offer these experiences and…
The Open Source Security Foundation (OpenSSF) Best Practices Working Group has released the new guide Simplifying Software Component Updates. This guide gives software producers and consumers practical steps to simplify component compatibility. Applying the principles in this guide will eliminate many vulnerabilities in software. To understand why, it’s necessary to understand modern software development practices.
On April 24, the Open Source Security Foundation (OpenSSF) hosted a Tech Talk to help open source maintainers, contributors, and organizations better navigate the growing landscape of security standards and regulations.
Modern software demands more than technical know-how—it requires a deep understanding of secure, sustainable, and scalable systems. Recognizing this, the Linux Foundation has launched its Academic Computing Accreditation Program, formally recognizing academic programs that align with industry-approved curricula from both the Open Source Security Foundation (OpenSSF) and the Cloud Native Computing Foundation (CNCF).
