Security Insights Spec – Open Source Security Foundation

This specification provides a mechanism for projects to report information about their security in a machine-processable way.

Welcome to the page of Security Insights Spec!

This specification provides a mechanism for projects to report information about their security in a machine-processable way.

All information regarding the maintenance, security, and consumption of the Security Insights Specification can be found in this repo within the latest version of the official specification file.

Don’t forget to join us on Slack, and visit the OpenSSF Working Group responsible for maintaining this spec, Identifying Security Threats in Open Source Projects.

GitHub

Copyright © 2024 The Linux Foundation® . All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use.

This specification provides a mechanism for projects to report information about their security in a machine-processable way.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox