Skip to main content

OpenSSF Week at a Glance – Feb 20

By February 20, 2024

Announcing the First Ever SOSS Fusion Conference: How You Can Get Involved

Register-Now
We are thrilled to announce the first everĀ Secure Open Source Software (SOSS) Fusion Conference 2024, a two-day conference hosted by the OpenSSF in Atlanta, GA. Set to take place on October 22-23, 2024, at The Hotel at Avalon, this event is dedicated to Securing Open Source Software (SOSS). The eventĀ registrationĀ is now open, and we invite you to join this event to contribute to the discussions around open source software security.

 

OpenSSF Participates in Department of Commerce Consortium Dedicated to AI Safety

OpenSSF Participates in Department of Commerce Consortium Dedicated to AI Safety

The Open Source Security Foundation (OpenSSF) is participating in the Biden-Harris Administrationā€™s first-ever Consortium Dedicated to AI Safety, led by the US Department of Commerce. We join over 200 leading artificial intelligence (AI) stakeholders in supporting the development and deployment of trustworthy and safe AI along with other Linux Foundation (LF) projects including LF AI & Data, SPDX, and C2PA.Ā 

 

Linux Kernel Achieves CVE Numbering Authority Status

linuxkernelachievesCVE
The Linux kernel has achieved a significantĀ milestoneĀ in open source software security. It has been authorized as a CVE Numbering Authority (CNA) by theĀ CVE Program. Being a CNA enables the Linux kernel team to manage the vulnerabilities with more accuracy and higher quality in the future.Ā  As Linux Foundation Fellow Greg Kroah-Hartman pointed out in hisĀ blog: ā€œThis announcement is just the first step, allowing us to be the manager of the CVE allocation process for Linux.ā€

 

Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing

scalingupsupplychainsecurity
In this case study, we will explore how Yahoo leverages Sigstore, in concert with Athenz, an open source platform for managing X.509 certificates, as an internal Certificate Authority, to sign and verify container images.

 

Alpha-Omega 2023 Annual Report

AO-Annual-Report-Blog-Image
In 2023,Ā Alpha-Omega provided ten grants to eight organizations totalling over $2.8 million dollars, with an average grant size of just over $350,000. Together with OpenSSF, Alpha-Omegaā€™s mission is to catalyze sustainable security improvements within the most critical open source projects and ecosystems. Read the blog for key highlights from 2023.

 

In the Headlines

Don’t Forget…

SOSS