Ericsson, a global leader in telecommunications and networking, has been deeply engaged in open source and software security for over a decade. Through its Open Source Program Office (OSPO), Ericsson...
New Customizable Global Framework Aligns IT Job Roles with Practical Cybersecurity Skills SAN FRANCISCO, CA – May 14, 2025 – The Linux Foundation, the nonprofit organization enabling mass innovation through...
Submit your proposal by 26 May, 2025 to Join the Conversation on Open Source Security. The Open Source Security Foundation (OpenSSF) invites you to be part of our upcoming OpenSSF Community Day Europe, happening on Thursday, 28 August in Amsterdam, Netherlands and co-located with Open Source Summit EU! This event brings together contributors, maintainers, practitioners,…
Hands-on experience and contributions to open source software (OSS) projects are a major advantage for obtaining a job in software engineering (SWE) and/or cybersecurity. At the same time, mentoring and coaching experiences are increasingly viewed as important leadership skills in tech jobs. Programs like the LFX Mentorship are one way to offer these experiences and…
The Open Source Security Foundation (OpenSSF) Best Practices Working Group has released the new guide Simplifying Software Component Updates. This guide gives software producers and consumers practical steps to simplify component compatibility. Applying the principles in this guide will eliminate many vulnerabilities in software. To understand why, it’s necessary to understand modern software development practices.
On April 24, the Open Source Security Foundation (OpenSSF) hosted a Tech Talk to help open source maintainers, contributors, and organizations better navigate the growing landscape of security standards and regulations.
Modern software demands more than technical know-how—it requires a deep understanding of secure, sustainable, and scalable systems. Recognizing this, the Linux Foundation has launched its Academic Computing Accreditation Program, formally recognizing academic programs that align with industry-approved curricula from both the Open Source Security Foundation (OpenSSF) and the Cloud Native Computing Foundation (CNCF).
SAN FRANCISCO, CA – April 29, 2025 – The Open Source Security Foundation (OpenSSF), in collaboration with LF Education, announces the general availability of LFEL1001, a free online course designed to help software developers understand and prepare for the requirements of the European Union (EU) Cyber Resilience Act (CRA). In just one week, the course…
The OpenSSF's Memory Safety SIG has just released "The Memory Safety Continuum". It was written with software developers, organizations, and security professionals in mind and it provides practical insights and strategies for enhancing software security wherever you are on the memory safety spectrum today.
The Open Source Security Foundation (OpenSSF) is proud to share that the Repository Service for The Update Framework (RSTUF) has completed a successful third-party security audit—marking a key milestone on its path to a stable 1.0.0 release.
