Blog

CNCF & OpenSSF Announce Open Source SecurityCon 2025

The Cloud Native Computing Foundation (CNCF) and the Open Source Security Foundation (OpenSSF) are thrilled to introduce Open Source SecurityCon 2025—a premier event focused on strengthening cloud-native and open source software security.

Blog CNCF Community Event Open Source SecurityCon OpenSSF

OpenSSF Policy Summit DC 2025 Recap

Blog Global Cyber Policy Open Source Policy Open Source Security OpenSSF

OpenSSF Hosts 2025 Policy Summit in Washington, D.C. to Tackle Open Source Security Challenges

WASHINGTON, D.C. – March 11, 2025 – The Open Source Security Foundation (OpenSSF) successfully hosted its 2025 Policy Summit in Washington, D.C., on Tuesday, March 4. The summit brought together...

Blog Global Cyber Policy Press Release AI security cybersecurity policy Open Source Security OpenSSF Policy Summit Software Supply Chain Security

NEW FREE COURSE: Security for Software Development Managers (LFD125)

The Open Source Security Foundation and Linux Foundation Education have announced the launch of a new, free, cybersecurity e-Learning course, Security for Software Development Managers (LFD125). The course is designed for anyone who manages, or aspires to manage, developer teams.

Blog

2025 OpenSSF Content Themes: Strengthening Open Source Security Throughout the Year

Each year, the Open Source Security Foundation (OpenSSF) is committed to securing the software supply chain through a year-long focus on key themes. Our content calendar aligns with critical security topics, industry events, and cybersecurity awareness initiatives. As we move through 2025, here’s how OpenSSF is strengthening software supply chain security—including what you need to…

Blog Guest Blog Linux Foundation OpenSSF

FOSDEM 2025: OpenSSF Community Wrap Up

The Free and Open source Software Developers’ European Meeting (FOSDEM) is a non-commercial, volunteer-organized European event centered on free and open source software development. It is aimed at developers and anyone interested in the open source software movement.

Blog Cyber Resilience Act FOSDEM Linux Foundation Open Source OpenSSF Public Policy Public Sector

OpenSSF Announces Initial Release of the Open Source Project Security Baseline

Blog Press Release Open Source Security Open Source Software OpenSSF OpenSSF Best Practices OpenSSF Initiatives OSPS Baseline Secure Coding Secure Development Practices Software Security Tools Software Supply Chain Software Supply Chain Security

Does the EU CRA affect my business?

The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024. It covers many types of devices and applications that are either sold or otherwise made commercially available on the European market and the intention behind…

Blog EU Cyber Resilience Act Global Cyber Policy CRA Cyber Resilience Act Cybersecurity Open Source OpenSSF Public Policy Public Sector Software Security Supply Chain Security

Securing Public Sector Supply Chains is a Team Sport

Blog Global Cyber Policy Guest Blog Aerospace Defense Cybersecurity DevSecOps Government Tech Open Source Security OpenSSF Public Sector SLSA Software Security Supply Chain Security VEX

Linux Foundation Europe and OpenSSF Launch Initiative to Prepare Maintainers, Manufacturers, and Open Source Stewards for Global Cybersecurity Legislation

BRUSSELS – JANUARY 31, 2025 – Linux Foundation Europe and OpenSSF are excited to announce a global joint initiative to help prepare maintainers, manufacturers, and open source stewards for the implementation of the EU Cyber Resilience Act (CRA) and future cybersecurity legislation targeting jurisdictions around the world. This effort aims to help develop and formalize…

Blog EU Cyber Resilience Act Global Cyber Policy Press Release Linux Foundation OpenSSF Public Policy Public Sector Security