Welcome to the March 2024 edition of the OpenSSF Newsletter, covering what’s been happening lately and what’s on our radar.
Scholarships for Women in Jordan: Boosting Cybersecurity Skills
To celebrate Women’s History Month, OpenSSF, Linux Foundation Training & Certification, and CNCF, in partnership with the US White House National Security Council, are launching a scholarship program for women in Jordan. This initiative offers 250 free courses and certifications in cybersecurity, including Kubernetes and Cloud Native Security, aiming to empower women and promote diversity in the tech sector.
OpenSSF and CISA Join Forces to Secure Open Source Software
The Cybersecurity and Infrastructure Security Agency (CISA) recently announced significant initiatives to secure the open source ecosystem, following a pivotal OSS Security Summit.
Omkhar Arasaratnam, General Manager of the Open Source Security Foundation (OpenSSF), underscores the collaborative spirit of these efforts: “OpenSSF’s mission is to improve the security of open source software…Through continued cooperation in activities such as this summit and the Principles for Package Repository Security, we will improve the security of open source package repositories for everyone.”
Building a Stronger Open Source Ecosystem: OpenSSF Scorecard | Tech Talk
When: Wednesday, March 13 | 10:00AM PT
Join OpenSSF’s Tech Talk to discover the OpenSSF Scorecard’s crucial role in boosting open source security. Learn from organizations that have implemented the Scorecard as they share their insights and best practices.
Secure your spot to explore how to strengthen your open source projects.
OpenSSF Scorecard Survey
OpenSSF Scorecard has opened a survey to better understand user expectations and needs from the project. The survey will remain open through OSS NA and the results will help steer the roadmap.
Welcome GUAC to OpenSSF as an Incubating Project
The Open Source Security Foundation (OpenSSF) welcomes the Graph for Understanding Artifact Composition (GUAC) as its latest Incubating Project.
Why GUAC Matters:
- Enhances supply chain security by providing deep insights into software dependencies.
- Supported by tech and financial leaders, including Yahoo!, Microsoft, and Red Hat.
- Rapid community growth with over 50 contributors and 1,100 GitHub stars.
Help Shape the Future of Secure Software Development: Take the Survey
We’re on a mission to understand the gaps and needs in secure software development practices.
Your participation will help us tailor solutions that address the real challenges faced by professionals and organizations in securing software.
Contribute to a safer software development ecosystem by sharing your experiences and needs.
In the News Highlights
- Help Net Security, Transitioning to memory-safe languages: Challenges and considerations
- White House, OSS groups offer cybersecurity training to Jordanian women
- SiliconANGLE, Google-backed GUAC cybersecurity tool becomes an OpenSSF project
- SDX Central, Why it’s time to add some GUAC to open-source supply chain security
- The New Stack, White House Warns Against Using Memory-Unsafe Languages
- Help Net Security, Securing software repositories leads to better OSS security
Get Involved in OpenSSF
You’re invited to…
- Join a Working Group or Project
- Chat with us on Slack
- Follow us on Twitter, Mastodon, and LinkedIn
Meet OpenSSF at These Upcoming Events!
- CVE/FIRST VulnCon 2024 & Annual CNA Summit: March 25-27, 2024
- SOSS Community Day NA: April 15, 2024
  - Register now!
  - OpenSSF will be hosting our first Tabletop Exercise (TTX) from 3:30PM PT
- Open Source Summit (OSS) NA: April 16-18, 2024
  - OpenSSF is proud to bring you the pre-Summit workshops for our technical initiatives, on April 15
- KubeCon + CloudNativeCon Europe: March 19-22
- SOSS Fusion Conference: Oct. 22-23, 2024 (Save the date!)
  - CFP now open
See you next month
Regards,
The OpenSSF Team