Guest Blog

Aug 14

Case Study: How LFX Insights and OSPS Baseline Validated GUAC’s Security in Under an Hour

By OpenSSF Blog, Case Studies

Tools: GUAC, OSPS Baseline, LFX Insights Challenge: Demonstrating strong security posture quickly and credibly to stakeholders Solution: Leveraging Linux Foundation Insights (LFX Insights) and the Open Source Security Foundation (OpenSSF)…

Aug 12

Love1

Securing AI: The Next Cybersecurity Battleground

By OpenSSF Blog, Guest Blog

The AI wave is here, and it’s only getting bigger. According to a recent report from McKinsey, “over the next three years, 92 percent of companies plan to increase their…

Aug 08

Love0

From Beginner to Builder: Understanding OpenSSF Community and Working Groups

By OpenSSF Blog, Guest Blog

The Open Source Security Foundation (OpenSSF) serves as the global hub for collaborative work on securing the software supply chain. Whether you’re an open-source maintainer, a security engineer, a student,…

Jul 31

Love0

Speaking, Volunteering, Parenting, and Exploring Nature — My Week at OSS Summit NA 2025

By OpenSSF Blog, Guest Blog

Earlier this summer, Eman Abu Ishgair had the privilege of attending the Open Source Summit North America 2025 in Denver — one of the largest gatherings of open source contributors,…

Jun 11

Love0

Maintainers’ Guide: Securing CI/CD Pipelines After the tj-actions and reviewdog Supply Chain Attacks

By OpenSSF Blog, Guest Blog

CI/CD pipelines are increasingly becoming high-value targets for attackers. With access to secrets, source code, and infrastructure, they offer a direct route to supply chain compromise. The recent breaches involving…

Apr 28

Love0

Announcing the Release of “The Memory Safety Continuum”

By OpenSSF Blog, Guest Blog

The OpenSSF's Memory Safety SIG has just released "The Memory Safety Continuum". It was written with software developers, organizations, and security professionals in mind and it provides practical insights and…

Mar 06

Love0

2025 OpenSSF Content Themes: Strengthening Open Source Security Throughout the Year

By OpenSSF Blog

Each year, the Open Source Security Foundation (OpenSSF) is committed to securing the software supply chain through a year-long focus on key themes. Our content calendar aligns with critical security…

Jan 23

Love0

Predictions for Open Source Security in 2025: AI, State Actors, and Supply Chains

By OpenSSF Blog, Guest Blog

Open source software is everywhere—used in almost every modern application—but the security challenges it faces continue to grow more serious. Relying on the backbone of volunteers, vulnerabilities now make it…

Jan 22

Love0

Accelerating OpenSSF Adoption: Unlocking Scorecard Insights with a Centralized Dashboard

By OpenSSF Blog, Guest Blog

Open source components are consumed by over 90% of modern applications. Their omnipresence stems from their cost-effectiveness, flexibility, and collaborative nature, making them a cornerstone of contemporary software development. However,…

Nov 01

Love0

Red Hat’s Collaboration with the OpenSSF and OSV.dev Yields Results: Red Hat Security Data Now Available in the OSV Format

By OpenSSF Blog, Guest Blog

OSV is an open format for describing software vulnerabilities. It provides security researchers, vendors, and consumers with an easy to understand format for exchanging vulnerability information. OSV.dev is a database…

Case Study: How LFX Insights and OSPS Baseline Validated GUAC’s Security in Under an Hour

Securing AI: The Next Cybersecurity Battleground

From Beginner to Builder: Understanding OpenSSF Community and Working Groups

Speaking, Volunteering, Parenting, and Exploring Nature — My Week at OSS Summit NA 2025

Maintainers’ Guide: Securing CI/CD Pipelines After the tj-actions and reviewdog Supply Chain Attacks

Announcing the Release of “The Memory Safety Continuum”

2025 OpenSSF Content Themes: Strengthening Open Source Security Throughout the Year

Predictions for Open Source Security in 2025: AI, State Actors, and Supply Chains

Accelerating OpenSSF Adoption: Unlocking Scorecard Insights with a Centralized Dashboard

Red Hat’s Collaboration with the OpenSSF and OSV.dev Yields Results: Red Hat Security Data Now Available in the OSV Format

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox