This is part 1 of a 2-part article discussing the impact of Artificial Intelligence (AI) on software development. In this part, I’ll note that AI use during software development is now the norm, despite frequent errors in AI-generated results, because productivity is king. I’ll then discuss its potential security implications.
As the year comes to a close, we’re excited to share the OpenSSF’s 2025 Annual Report, a look at the milestones, momentum, and community-driven achievements that made this year remarkable. We invite you to celebrate the progress, creativity, and collaboration that continue to shape a safer and more resilient open source community!Â
Jay White from Microsoft joins What’s in the SOSS to talk about his journey into open source, AI and ML security, model signing, and the importance of community collaboration. Hear how standardization, transparency, and community involvement can strengthen AI supply chain security.
OpenSSF sponsored the Open Source Finance Forum in New York, highlighting how collaboration between open source maintainers and the financial sector drives stronger cybersecurity. Talks covered AI security, the OSPS Baseline, and stabilizing vulnerability data, helping financial institutions build trust and resilience through open source.
Discover the latest updates across the OpenSSF community including new learning offerings, AI/ML security advancements, SBOM evolution under the CRA, Scorecard improvements, Sigstore research, upcoming events, and fresh podcast episodes helping secure the future of open source.
The Open Source Security Foundation (OpenSSF) has launched a new free course, Secure AI/ML-Driven Software Development (LFEL1012), authored by David A. Wheeler. As AI and machine learning become core to modern software development, this course helps developers understand and mitigate the security risks associated with AI code assistants. In just one hour, learners will gain…
Financial services run on open source. With regulations growing and supply chains under pressure, institutions need clear frameworks and reliable data to keep systems secure. At the Open Source in Finance Forum (OSFF) the OpenSSF community is sponsoring and sharing sessions on the OSPS Baseline, vulnerability data, and AI security. These talks demonstrate how our…
AI code assistants are powerful tools. They can speed up development, suggest solutions, and help explore alternatives. But they also create security risks, because the results you get depend heavily on what you ask. These systems’ models are trained on vast amounts of code (much of it insecure), they don’t truly understand context, and they…
