OpenSSF Working Groups

Explore our Working Groups and Get Involved

Participating in Working Groups and their projects is not only fun, it’s the best way to immerse yourself in the OpenSSF and the critical challenges facing open source security today. OpenSSF Working Groups are open to anyone – you don’t have to belong to specific organizations to start contributing to our projects, or to discuss issues in our Slack or Mailing List channels. Each working group has multiple projects and initiatives to explore. Join the community spaces to get involved with an existing project, or propose a new idea.

Best Practices for Open Source Developers

This group works to provide open source developers with best practices recommendations, and easy ways to learn and apply them.

GitHub | Slack | Email List

Securing Critical Projects

This group exists to identify and help to allocate resources to secure the critical open source projects we all depend on.

GitHub | Slack | Email List

Supply Chain Integrity

This group is helping people understand and make decisions on the provenance of the code they maintain, produce and use.

GitHub | Slack | Email List

Securing Software Repositories

This group provides a collaborative environment for aligning on the introduction of new tools and technologies to strengthen and secure software repositories.

GitHub | Slack | Email List

Identifying Security Threats in Open Source Projects

This group enables informed confidence in the security of OSS by collecting, curating, and communicating relevant metrics and metadata.

GitHub | Slack | Email List

Security Tooling

This group’s mission is to provide the best security tools for open source developers and make them universally accessible.

GitHub | Slack | Email List

Vulnerability Disclosures

This group is improving the overall security of the OSS ecosystem by helping advance vulnerability reporting and communication.

GitHub | Slack | Email List

Specific Initiative Funds

In addition to the core working groups, OpenSSF is home to important, cross-cutting initiatives and projects that require focused resources and staff. SIFs leverage OpenSSF working groups, external open source projects, and member contributions to make a big impact on the open source ecosystem. Current SIFs are:

Sigstore
Project Alpha-Omega
GNU Toolchain Infrastructure – coming soon

Check out the project websites or join our Slack workspace for more information on how to get involved with these projects.

Copyright © 2022 The Linux Foundation® . All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use.