December 2023 saw the launch of SBOMit, a project that helps enhance the reliability and integrity of SBOMs (Software Bills of Materials). It does so by including, along with SBOMs,…
Read More
The security of cloud environments is a top priority for organisations worldwide. According to research by Omdia, supporting cloud and digital transformation projects is one of the top three priorities…
Read More
The Open Source Security Foundation (OpenSSF) Best Practices Working Group (WG) has just released a short guide, Correctly Using Regular Expressions for Secure Input Validation! Here’s why it’s important.
Read More
The Open Source Security Foundation (OpenSSF) has launched a new podcast titled “What’s in the SOSS?” With biweekly episodes, the series explores the world of secure open source software, delivering…
Read More
OpenSSF is excited to participate in two major events happening in July in New York City (NYC) that are dedicated to promoting open source as a tool for global cooperation…
Read More
Last week, the community convened for the OpenSSF Tech Talk, spotlighting GUAC (Graph for Understanding Artifact Composition).
Read More
In today's rapidly evolving open source ecosystem, managing vulnerabilities efficiently is crucial. That's why we're excited to share that Canonical is now issuing Ubuntu Security Notices (USNs) in the open…
Read More
Stacklok was founded in 2023 by Craig McLuckie (co-creator of Kubernetes) and Luke Hinds (creator of the OpenSSF project Sigstore), with the goal of helping developers produce and consume open…
Read More
We are excited to announce that another round of Technical Initiative (TI) funding is coming to a close with the mid-June window mentioned in the blog: How OpenSSF Technical Initiatives…
Read More
OpenSSF is making waves globally, with our footprint evident in discussions and events across continents. Join us on an "OSS Security Adventure" as we delve into our impactful presence at…
Read More