Supply chain security took a giant leap forward this month as Sigstore officially became a graduated project within the Open Source Security Foundation (OpenSSF). This milestone is a testament to Sigstore's maturity, adoption, and its undeniable impact on making the creation and distribution of software more trustworthy.
We're excited to announce the agenda for the Tabletop Exercise (TTX) at Secure Open Source Software (SOSS) Community Day NA in now live which will take place on April 15, 2024 in Seattle, WA.Ā
The OpenSSF is pleased to announce an exciting new process that will help connect impactful Technical Initiatives (TIs) with strategic funding. The OpenSSF Technical Advisory Council and Governing Board have defined a process by which OpenSSF TIās can apply for funding and weāre confident that unlocking this new process will help create a sustainable secure…
The Open Source Security Foundation (OpenSSF) has just released its 2024 plan to improve software developer education, titled āPlan for Improving Software Developer Security Educationā. This is the plan the OpenSSF Education Special Interest Group (SIG) intends to follow this year.
India's reputation as the hub of software engineering and open source contributions is undeniable. In recognizing secure open source software as a public good, we eagerly anticipate collaborating with our vibrant Indian community to ensure that open source software remains a secure and accessible resource for all
The OpenSSF is pleased to announce the Marketing Advisory Council, a benefit for OpenSSF Premier, General, and Associate members. Are you passionate about reaching developers regarding the importance of open source security? Do you thrive on collaborative efforts to promote industry visibility and outreach and work at a member company of the OpenSSF? If so,…
Calling all cybersecurity enthusiasts! We are reaching out to you on behalf of Linux Foundation Research and the Open Source Security Foundation to invite you to participate in a significant survey aimed at enhancing secure software development education. Your insights will provide valuable guidance in shaping the future of security education for software stakeholders.
In today’s dynamic technological landscape, open source software (OSS) holds a crucial position. An average of 77%–90% of any given piece of modern software is OSS. Recognizing its significance, the...
The Graph for Understanding Artifact Composition (GUAC) maintainers are pleased to announce the project has joined the Open Source Security Foundation (OpenSSF) as an Incubating Project. GUAC is an open source supply chain security project that provides dependency management and actionable insights into the security of software supply chains. GUAC was created by Kusari, Google,…
OpenSSF Scorecard is a way for maintainers and users of open source projects to better understand the security of a given project. Maintainers can get feedback on the security of their project, and suggestions on how to make it more secure. Users of open source software can use Scorecard results to make informed decisions about…
