Blog

🎉 2025 OpenSSF Annual Report is now live! Download Report

Nov 09

Meet a Maintainer: Naveen Srinivasan, Software Engineer, Endor Labs

By jbly Blog

Meet Naveen Srinivasan, Software Engineer, Endor Labs. Maintainers play a vital role in the OpenSSF. Naveen is a software engineer at Endor Labs. He was awarded the Google Open Source…

Nov 01

Love0

Luke Hinds Security Engineering Lead OCTO Red Hat Meet a Maintainer

Meet a Maintainer: Luke Hinds, Security Engineering Lead, OCTO, Red Hat

By jbly Blog

Meet Luke Hinds, Security Engineering Lead, OCTO, Red Hat. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to…

Oct 25

Love0

Sigstore Announces General Availability at SigstoreCon

By OpenSSF Blog, Press Release, Sigstore

Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification.…

Oct 24

Love0

OpenSSF Project Alpha-Omega Invests in the OpenJS Foundation and jQuery to Help Secure the Consumer Web

By Brian Behlendorf Alpha-Omega, Blog

Today, we’re excited to share that the Open Source Security Foundation (OpenSSF) Project Alpha-Omega is committing $350,000 to reduce potential security incidents for jQuery by helping modernize its consumers and…

Oct 20

Love0

state of the software supply chain sonatype

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

By OpenSSF Blog

Projects adopting the practices set out by the OpenSSF in its Security Score, including adopting a dependency update tool that ensures rapid updating of vulnerable dependencies, will improve their project's…

Oct 19

Love0

Contributor Q&A with Melba Lopez, STSM – Supply Chain Security, IBM

By jbly Blog

Meet Melba Lopez, STSM - Supply Chain Security, IBM. Contributors play an important role in the OpenSSF and the Linux Foundation, so we want to give you a chance to…

Oct 12

Love0

MEET A MAINTAINER Priya Wadhwa Chainguard

Meet a Maintainer: Q&A with Priya Wadhwa, Software Engineer, Chainguard

By jbly Blog

Meet Priya Wadhwa, Software Engineer, Chainguard. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of…

Oct 11

Love0

Critical Infrastructure Security Summit OpenSSF

Securing Open Source Software is Securing Critical Infrastructure

By David Wheeler Blog

Securing critical OSS components and infrastructure is an important part of securing critical infrastructure. When we consider open source critical infrastructure we must keep in mind that not all OSS…

Oct 10

Love0

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

By OpenSSF Blog, Press Release

Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to…

Oct 05

Love0

New Meet a Maintainer Series: Q&A with Azeem Shaikh, Senior Software Engineer, Google

By jbly Blog

Meet Azeem Shaikh, Senior Software Engineer, Google. Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some…

Meet a Maintainer: Naveen Srinivasan, Software Engineer, Endor Labs

Meet a Maintainer: Luke Hinds, Security Engineering Lead, OCTO, Red Hat

Sigstore Announces General Availability at SigstoreCon

OpenSSF Project Alpha-Omega Invests in the OpenJS Foundation and jQuery to Help Secure the Consumer Web

Report Finds OpenSSF Scorecards Are Highly Effective Measures to Assess Project Security

Contributor Q&A with Melba Lopez, STSM – Supply Chain Security, IBM

Meet a Maintainer: Q&A with Priya Wadhwa, Software Engineer, Chainguard

Securing Open Source Software is Securing Critical Infrastructure

OpenUK and OpenSSF Announce Open Source Security and Community Curation Event Schedule

New Meet a Maintainer Series: Q&A with Azeem Shaikh, Senior Software Engineer, Google

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox