We welcome six new members from leading technology firms to the OpenSSF. New general members include Mend.io, RTX, Shopify, SlimAI, and Stacklok. New associate member, the Rust Foundation, also joins. Technical communities continue to prioritize investment in open source security and recognize the role of supporting and sustaining open source communities in maintaining a healthy, vibrant, and secure open source ecosystem.
The OpenSSF brought together US Government (USG) officials from the National Security Council (NSC), Office of the National Cyber Director (ONCD), and the Cybersecurity and Infrastructure Security Agency (CISA) among others with industry leaders at the Secure Open Source Software (SOSS) Summit 2023. Participants at the Summit discussed the security challenges for the consumption of OSS in critical infrastructure sectors and beyond and highlighted the shared responsibility needed to ensure the resilience of OSS in critical infrastructure.
The Open Source Security Foundation (OpenSSF) announced today at Black Hat 2023 its collaboration with the Defense Advanced Research Projects Agency (DARPA) on the AI Cyber Challenge (AIxCC) – a two-year competition aimed at driving innovation at the nexus of AI and cybersecurity to create a new generation of cybersecurity tools.
The Open Source Security Foundation (OpenSSF) welcomes four new members from leading technology firms: Hitachi, Lockheed Martin, Salesforce, and SAP. The OpenSSF also welcomes new General Manager, Omkhar Arasaratnam, veteran cybersecurity and technical risk management executive. Plus Microsoft and Google commit $5 million in continued funding for Alpha-Omega.
The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA). SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. The stable release of the SLSA 1.0 Build Track lowers the barrier of entry for improvements, helps you focus efforts on improving your build, and reduces the chances of tampering across a large swath of the supply chain.
The Open Source Security Foundation (OpenSSF) welcomes eight new members from leading technology firms. The total number of OpenSSF members is currently over 100 and organization membership saw an 88% growth in 2022 from a variety of different sectors. New OpenSSF general member commitments include those from Amesto Fortytwo, Code Intelligence, Kusari, Privado, Scotiabank, Technology Innovation Institute (TII). New associate members include the Open Source Business Alliance – Bundesverband für digitale Souveränität e.V. and Python Software Foundation. We are happy to see that technical communities continue to demonstrate a strong commitment to investing in security now and for the future.
The Open Source Security Foundation (OpenSSF) announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform as a service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members over one hundred.
Today at SigstoreCon, the Sigstore community announced the general availability of its free software signing service giving open source communities access to production-grade stable services for artifact signing and verification. Sigstore provides a set of tools designed to improve supply chain security by making it easy to sign, verify and check the software developers are building and consuming.
Thought Leadership Day on open source, infrastructure, security and community curation on the 17th of October will bring together leading figures from international Open Source communities around security, and provide opportunities to discuss the challenges that exist around security and open source over time.
Capital One joins the Open Source Security Foundation (OpenSSF) as a premier member affirming its commitment to strengthening the open source software supply chain. OpenSSF is a cross-industry organization hosted at the Linux Foundation, designed to inspire and enable the community to secure the open source software we all depend on, including development, testing, fundraising, infrastructure, and support initiatives.