This is part 1 of a 2-part article discussing the impact of Artificial Intelligence (AI) on software development. In this part, I’ll note that AI use during software development is now the norm, despite frequent errors in AI-generated results, because productivity is king. I’ll then discuss its potential security implications.
Trail of Bits, with funding from OpenSSF, is improving Sigstore’s rekor-monitor to help maintainers detect malicious package releases, monitor signing identities, and strengthen software supply chain security using transparency logs.
NYU professor Justin Cappos joins the OpenSSF podcast to discuss why software supply chain security is missing from most university curricula -- and how hands-on, open source-first education can change that.
As the year comes to a close, we’re excited to share the OpenSSF’s 2025 Annual Report, a look at the milestones, momentum, and community-driven achievements that made this year remarkable. We invite you to celebrate the progress, creativity, and collaboration that continue to shape a safer and more resilient open source community!Â
Jay White from Microsoft joins What’s in the SOSS to talk about his journey into open source, AI and ML security, model signing, and the importance of community collaboration. Hear how standardization, transparency, and community involvement can strengthen AI supply chain security.
At Open Source SecurityCon in Atlanta, the Open Source Security Foundation (OpenSSF) announced Target Corporation and Thread AI as new general members, OSTIF’s upgrade to general membership, and recognized Golden Egg Award winners for their contributions to open source security. The Foundation continues to advance education, collaboration, and tooling to secure the global software supply…
OpenSSF sponsored the Open Source Finance Forum in New York, highlighting how collaboration between open source maintainers and the financial sector drives stronger cybersecurity. Talks covered AI security, the OSPS Baseline, and stabilizing vulnerability data, helping financial institutions build trust and resilience through open source.
Discover the latest updates across the OpenSSF community including new learning offerings, AI/ML security advancements, SBOM evolution under the CRA, Scorecard improvements, Sigstore research, upcoming events, and fresh podcast episodes helping secure the future of open source.
