TL;DR: 🚀 OpenSSF Community Day NA → Agenda live, read the session highlights. ⚖️ TPN & SBOM Evolution → New frameworks aim to turn "dead" PDF notices and static SBOMs into active security intelligence. 🤖 Agentic AI Security → OpenSSF welcomes OSS-CRS and examines using SAFE-MCP to secure non-deterministic AI agents. 📦 Project Milestones →…
TL;DR: 💰 $12.5M New Funding → Anthropic, AWS, Google, and more invest in OSS & AI security 🤝 Ambassador Program Launch → New global initiative to empower community leaders 🛠️ No-Cost Tooling → Kusari Inspector now free for OpenSSF project maintainers 💎 The Gemara Model → A new 7-layer framework for GRC and automated risk…
We're excited to launch the OpenSSF Ambassador Program - a global community of advocates who will help us promote secure open source development practices worldwide.
Open Source SecurityCon (evolved from Cloud Native SecurityCon) returns for its second event, co-located with KubeCon + CloudNativeCon Europe 2026. The conference advances innovation and collaboration across open source software security and cloud native security. It brings together creators, maintainers, operators, and consumers who are actively involved in securing the software ecosystem.
Recently, I spoke at the Free and Open Source Developers' European Meeting (FOSDEM) 2026 on “First steps towards Cyber Resilience Act (CRA) conformity: A practical introduction to cybersecurity risk management.”
One of the most common misconceptions we hear in the OpenSSF community is that you need special permission to contribute. You do not.
Security Slam 2026 is a 30-day event that begins February 20 and culminates in an awards ceremony at KubeCon + CloudNativeCon Europe (KCCN EU).
OpenSSF Community Day North America is happening this year in Minneapolis, and the Call for Proposals (CFP) is open through February 15.
FOSDEM is one of Europe’s most important gatherings for open source communities, and OpenSSF will participate again in 2026. The event brings together developers, maintainers, researchers, and industry contributors for two days of technical talks, hallway discussions, and collaboration.
Open Source & Security Africa (OSSAfrica) is a community-led initiative bringing together people who care about open source and security across the continent. We're building connections between contributors, software developers, maintainers, researchers, and security professionals.
