
Are you an OpenSSF contributor and have something to say about security that would be of interest to the open source community?

Write a post for our blog!

About the OpenSSF Blog

The primary goal of the OpenSSF Blog is to provide informative and educational content about open source software security to the wider open source community, demonstrate thought leadership, share important milestones, and highlight the value of getting involved in the work of OpenSSF.

Blog Guidelines

We aim to keep OpenSSF blog posts short and focused on what’s newsworthy, what’s cool, and what’s important to our community. We encourage links to source material for longer descriptions and deeper dives. Content should be presented in a conversational way that provides insight from the author’s expertise and perspective.

Topic Area: Stick to topics directly relevant to open source software security and the OpenSSF.

Tone: Friendly, yet authoritative with a preference for first person voice.

Word Count: For summaries and updates – 500+ words. For technical deep-dives – 1,500+ words.

Style: Focus on readability. Write for the non-expert. Spell out acronyms upon first use. Break content into easily digestible parts with headings.

Attribution: Identify author(s) and affiliations. When possible, try to have authors from multiple organizations to demonstrate breadth of support and collaboration.

Intent: No sales pitches please. While it is ok to highlight the work of an individual company, it should remain balanced and not be at the expense of others. Blogs exclusively about a for-profit-company’s products or services will not be accepted.

Images: Relevant graphics like charts, graphs, and photos are encouraged.

Submission Process

If you’d like to suggest a topic area or volunteer to write a post, send an email to with your name, topic, and a few lines describing the post you’d like to write. We’ll let you know if we think your topic would be a good fit for our blog. You may use the template below to get started.

Topic Proposal Template:

  • Topic:
  • Objective:
  • Headline:
  • Author(s) (Name, Title, Organization):
  • 1-3 Key Points:
  • Call to Action:
  • Value to Community:
  • Target Publish Date:
  • Graphic(s):

Next Steps:

Once the topic is approved, draft and submit the blog post. The review process for blog posts generally takes 2-3 weeks and uses a shared Google document to capture input and make suggestions. OpenSSF staff will review the post, and for posts of a technical nature, the OpenSSF Technical Advisory Council (TAC) will also be part of the review process. Once the author has approved the final post, OpenSSF Marketing will schedule and publish it, provide the author with the link, and share it with members and on OpenSSF social media channels. Don’t forget to share with your own networks too!

Contribute a Blog Topic Idea

2023 OpenSSF Editorial Calendar

This calendar gives a high-level overview of our priority areas of focus for the year. This is not an exhaustive or exclusive list, and we are always happy to accept submissions on these and other topics throughout the year. We’d love to hear your ideas!

May: Software Supply Chain Security

  • SLSA
  • Attestation

June: Security Tooling

  • SBOMs
  • Fuzzing

July: Addressing Vulnerabilities

August: Securing Software Repositories

  • OpenSSF Scorecard
  • Best practices for software developers
  • Security fundamentals/tutorials

September: Securing Critical Projects

  • Project spotlights

October: Identifying Security Threats

  • Alpha-Omega
  • Security metrics
  • Cybersecurity Awareness Month

November: Sigstore

  • Cosign/Rekor/Gitsign/Fulcio

December: End Users

  • Best practices for consuming open source software