Linux Foundation

Open Infrastructure Is Not Free, Part II: The Hidden Cost of Running Package Registries

Blog AI Linux Foundation Open Source Sustainability Package Registries Software Supply Chain Security

Leading Tech Coalition Invests $12.5 Million Through OpenSSF and Alpha-Omega to Strengthen Open Source Security

Blog AI security Alpha-Omega Artificial Intelligence Cybersecurity Investment Linux Foundation Maintainer Support Open Source Security OpenSSF Software Supply Chain vulnerability management

Linux Foundation Announces $12.5 Million in Grant Funding from Leading Organizations to Advance Open Source Security

Blog Press Release AI Alpha-Omega Amazon Web Services (AWS) Anthropic Cybersecurity GitHub Google Google DeepMind Grant Funding Linux Foundation Microsoft Open Source Security OpenAI OpenSSF

KubeCon + CloudNativeCon Europe 2026 Co-located Event Deep Dive: Open Source SecurityCon

Open Source SecurityCon (evolved from Cloud Native SecurityCon) returns for its second event, co-located with KubeCon + CloudNativeCon Europe 2026. The conference advances innovation and collaboration across open source software security and cloud native security. It brings together creators, maintainers, operators, and consumers who are actively involved in securing the software ecosystem.

Blog Guest Blog Community community events Cyber Resilience Act Linux Foundation Open Source

OpenSSF’s 2026 Themes: A Community Roadmap for Securing the Future of Open Source

Each year, the Open Source Security Foundation (OpenSSF) focuses its content and engagement on the security topics that matter most to the open source community. In 2026, we are organizing content around quarterly themes that reflect community priorities, global policy developments, and real-world security needs.

Blog Community community events Content themes CRA Events Linux Foundation Open Source Security

AI, Software Development, Security, Tips, and the Future (Part 2)

This is part 2 of a 2-part article where I’ll briefly discuss the impact of Artificial Intelligence (AI) on software development.

Blog AI AI security Community Linux Foundation Open Source Open Source Security Security

AI, Software Development, Security, Tips, and the Future (Part 1)

This is part 1 of a 2-part article discussing the impact of Artificial Intelligence (AI) on software development. In this part, I’ll note that AI use during software development is now the norm, despite frequent errors in AI-generated results, because productivity is king. I’ll then discuss its potential security implications.

Blog AI security Linux Foundation Open Source Open Source Security

What’s in the SOSS? Podcast #47 – S2E24 Teaching the Next Generation: Software Supply Chain Security in Academia with Justin Cappos

NYU professor Justin Cappos joins the OpenSSF podcast to discuss why software supply chain security is missing from most university curricula -- and how hands-on, open source-first education can change that.

Podcast academia code signing higher education Linux Foundation Open Source Community Open Source Security OpenSSF Podcast SBOM Secure Software Development security education Software Supply Chain Security What’s in the SOSS

Recap: OpenSSF Community Day Korea 2025

OpenSSF Community Day Korea took place on November 4, 2025, in Seoul, bringing developers and security engineers together for a day of practical discussions on software security.

Blog Community Events Linux Foundation Open Source Open Source Summit OpenSSF Community Day OSSSecurity

KubeCon Keynote Recap: “Supply Chain Reaction” and Why the OSPS Baseline Matters More Than Ever

At KubeCon+CloudNativeCon North America, Stacey Potter (OpenSSF) and Adolfo García Veytia delivered one of the most memorable and entertaining keynotes of the week: “Supply Chain Reaction: A Cautionary Tale in Kubernetes Security.”

Blog Community Linux Foundation Open Source OpenSSF OSPSBaseline OSS Security Security