Skip to main content

📩 Stay Updated! Follow us on LinkedIn and join our mailing list for the latest news!

OpenSSF Newsletter – September 2024

By September 25, 2024

Welcome to the September 2024 edition of the OpenSSF Newsletter! Here’s a roundup of the latest developments, key events, and upcoming opportunities in the Open Source Security community.

Innovative Supply Chain Security for Enterprise Cloud Platform Service

As software supply chain security becomes a critical concern, Guidewire Cloud Platform is taking proactive steps by collaborating with GUAC to enhance their defenses. This partnership aims to strengthen the resilience of enterprise cloud services against potential vulnerabilities that could disrupt operations. With the integration of GUAC, Guidewire is able to quickly identify, mitigate, and prevent security threats across their supply chain.

Read More

AIxCC Semifinals at DEF CON Showcase AI’s Potential in Securing Critical OSS Projects

AIxCC Semifinals at DEF CON Showcase AI’s Potential in Securing Critical OSS Projects

AI took center stage at DEF CON 32 with the AIxCC Challenge semifinals, showcasing how AI-driven technologies can revolutionize open source security. Seven standout teams advanced to the finals, each utilizing AI to detect and fix vulnerabilities in critical software projects. This competition not only highlights the immense potential of AI in cybersecurity but also serves as a catalyst for future innovations that could safeguard millions of users worldwide.

Read More

Prioritizing Security: Key Findings from the OpenSSF Survey for Financial Institutions


As the financial services sector increasingly relies on software to drive its operations, securing these systems has become paramount. The OpenSSF’s 2024 Secure Software Development Education Survey reveals key insights for financial institutions, especially for organizations like FINOS members. The survey underscores the urgent need for better security practices, offering a roadmap for banks, investment firms, and wealth managers to fortify their software environments.

Read More

Simplify SBOM Management for Developers: Introducing bomctl

Bomctl
Managing Software Bills of Materials (SBOMs) is crucial for understanding software components and improving security, and bomctl makes it easier than ever. This powerful tool simplifies SBOM management, empowering developers to efficiently track and maintain their software’s components. By automating the process, bomctl not only boosts security and compliance but also saves time, allowing developers to focus on innovation while staying confident in their software’s safety.

Read More

Join Us at the OSS Security Meetup in Tokyo, Japan
Open-Source-Security-Meetup

The OpenSSF is thrilled to host a special OSS Security Meetup in Tokyo on October 3rd at Renesas Electronics, bringing together open source security experts to tackle some of the field’s most pressing challenges. This exclusive event will feature hands-on sessions, networking opportunities, and key discussions about the future of open source security in Japan and beyond. Don’t miss this opportunity to connect with the global security community.

Read More

OpenSSF Welcomes New Members and Presents Golden Egg Award at SOSS Community Day Europe


OpenSSF continues to grow its community with new members from leading technology, security, and research firms, further bolstering efforts to secure open source software. At SOSS Community Day EU in Vienna, we proudly presented the Golden Egg Award, recognizing outstanding contributions to OSS security. The new members bring invaluable expertise to the OpenSSF, driving collaboration and innovation for a safer open source ecosystem.

Read More

OpenSSF at Grace Hopper Celebration 2024: Advancing Diversity and Security in Open Source


OpenSSF was honored to participate in the Grace Hopper Celebration (GHC) 2024, the world’s largest gathering of women and non-binary technologists, where innovation, inclusion, and diversity are celebrated. Our presence highlighted the critical need for diverse voices in open source security, ensuring that as technology evolves, it remains secure for everyone. OpenSSF used this platform to advocate for greater participation from underrepresented groups in both tech and security.

Read More

Empower Your Software Development with OpenSSF’s Free “Developing Secure Software” Course! 

Learn secure software fundamentals at your own pace and earn a recognized certificate. Plus, we’ve just added new optional labs in LFD121! These hands-on exercises will help you practice countering attacks with real-world scenarios and helpful hints.

Enroll Here

In the News

Meet OpenSSF at These Upcoming Events!

Get Involved in OpenSSF

You’re invited to…

See You Next Month

We want to get you the information you most want to see in your inbox. Have ideas or suggestions for next month’s newsletter about the OpenSSF? Let us know at marketing@openssf.org, and see you next month! 

Regards,

The OpenSSF Team