We are thrilled to announce that the OpenSSF is hosting SOSS Community Day North America 2024, on April 15, 2024 in Seattle, Washington. This is a one day event co-located with Open Source Summit North America dedicated to Securing Open Source Software (SOSS). The call for proposal (CFP) to speak is currently open.
We are excited to start 2024 by announcing several key election results. OpenSSF Associate Members and General Members and the Community elected their representatives to the Governing Board and we elected a new and expanded Technical Advisory Council (TAC).Â
As 2023 drew to a close, OpenSSF convened the open source community in Tokyo, Japan, to delve into discussions surrounding the challenges, overarching solutions, ongoing initiatives, and triumphs in fortifying the open source software (OSS) supply chain. Alongside dedicated OpenSSF contributors and thought leaders, we embarked on an in-depth exploration of topics such as security…
Open source vulnerability scanners now increasingly support OpenVEX, helping open source users reduce the pain of managing vulnerabilities and the burden of false positives. These new integrations with OpenVEX can provide rich context on vulnerabilities in a piece of software, ensuring better scanner results such as a reduced false positive rate.
The AI Cyber Challenge (AIxCC) is structured around two tracks and multiple competitions and events. For a brief overview of AIxCC, watch the video: AI Cyber Challenge Streaming Event. Check out the announcements and challenge information here.
As we step into the year 2024, the OpenSSF envisions a year marked by transformative growth, heightened resilience, and new opportunities for individuals and organizations contributing to the flourishing ecosystem of open source software. While our recently released 2023 Annual Report highlighted some accomplishments of the OpenSSF, for a touch of fun, we also asked…
We are a thriving, diverse, nonstop community. We’re pleased to share with you our annual report for this year, which highlights our many accomplishments throughout 2023 and our plans for the future.
In August 2023, OpenSSF announced our partnership with DARPA, to support the AI Cyber Challenge (AIxCC). We set up a generative AI and autonomy for cybersecurity (GaiaCS) project to support our partnership activities and today, we are excited to announce that OpenSSF has brought on board Will Pearce and Nick Landers to support GaiaCS and…
In a collective effort to fortify cybersecurity practices and safeguard the software supply chain, the US National Security Agency (NSA), in collaboration with the Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners, has released a comprehensive cybersecurity technical report (CTR). The Securing the Software Supply…
We’re happy to announce the launch of SBOMit – a tool to add in-toto attestations to SBOMs (Software Bills of Material). The SBOMit specification is a SBOM-format independent method for attesting components with additional verification information.
