OSPS Baseline
Your Guide to the OpenSSF OSPS Baseline for More Secure Open Source Projects
The Open Source Project Security (OSPS) Baseline is a community-developed catalog of practical security controls that helps open source projects understand what good security looks like and how to improve over time.
Building Security in Open Source for Financial Services: OpenSSF at Open Source Finance Forum (OSFF) NYC
OpenSSF sponsored the Open Source Finance Forum in New York, highlighting how collaboration between open source maintainers and the financial sector drives stronger cybersecurity. Talks covered AI security, the OSPS Baseline, and stabilizing vulnerability data, helping financial institutions build trust and resilience through open source.
Blog
AI security
Bloomberg
CRob Robinson
CVE
Cybersecurity
Financial Services
FINOS
IBM
Jamie Thomas
Kusari
Linux Foundation
Michael Lieberman
NVD
open source collaboration
Open Source Finance Forum
Open Source Security
OpenSSF
OSFF
OSPS Baseline
Secure Software Development
Software Supply Chain
Stephen Augustus
vulnerability management
Building Security in Open Source for Financial Services: OpenSSF at Open Source in Finance Forum (OSFF)
Financial services run on open source. With regulations growing and supply chains under pressure, institutions need clear frameworks and reliable data to keep systems secure. At the Open Source in Finance Forum (OSFF) the OpenSSF community is sponsoring and sharing sessions on the OSPS Baseline, vulnerability data, and AI security. These talks demonstrate how our…
Case Study: How LFX Insights and OSPS Baseline Validated GUAC’s Security in Under an Hour
Tools: GUAC, OSPS Baseline, LFX Insights Challenge: Demonstrating strong security posture quickly and credibly to stakeholders Solution: Leveraging Linux Foundation Insights (LFX Insights) and the Open Source Security Foundation (OpenSSF) Open Source Project Security Baseline (OSPS Baseline) for instant, standards-aligned validation Result: Saved significant time in verifying security practices, completing an independent standards-based assessment in…
🎉 Celebrating Five Years of OpenSSF: A Journey Through Open Source Security
August 2025 marks five years since the official formation of the Open Source Security Foundation (OpenSSF). Born out of a critical need to secure the software supply chains and open...
Blog
AI security
Alpha-Omega
C++
Compiler Hardening
CVEs
Cyber Resilience Act
GUAC
mentorship
MLSecOps
Open Source Community
Open Source Policy
Open Source Security
Open Source Security Foundation
OpenSSF
OSPS Baseline
Scorecard
Secure Software Development
security best practices
sigstore
SLSA
Software Supply Chain
OpenSSF Tech Talk Recap: Using the OSPS Baseline to Navigate Standards and Regulations
On April 24, the Open Source Security Foundation (OpenSSF) hosted a Tech Talk to help open source maintainers, contributors, and organizations better navigate the growing landscape of security standards and regulations.
