vulnerability management

Hack to the Future: The Impact and Legacy of the DARPA AIxCC Challenge

AI Blog Global Cyber Policy Guest Blog AIxCC Cyber Reasoning Systems DARPA Open Source Security vulnerability management

Why Third-Party Notices Are Breaking at Scale: What the Ecosystem Needs Next

Blog Guest Blog Open Source Compliance SBOM Software Supply Chain Security Third-Party Notices vulnerability management

From Noise to Signal: Using Runtime Context to Win the Vulnerability Management Battle

Blog Guest Blog CVE Open Source Security Prioritization Runtime Security vulnerability management

Rethinking Post-Deployment Vulnerability Detection

Blog Guest Blog Continuous Delivery CVE Digital Twin Open Source Security OpenSSF OSV.dev Post-Deployment Security SBOM Supply Chain Security vulnerability management

What’s in the SOSS? Podcast #57 – S3E9 From Noise to Signal: Security Expertise and Kusari Inspector with Mike Lieberman

Podcast AI Vulnerability Reporting Kusari Inspector Mike Lieberman Open Source Security OpenSSF Scorecard Secure by Design SLSA software maintainers Supply Chain Security vulnerability management

Kusari Partners with OpenSSF to Strengthen Open Source Software Supply Chain Security

Blog Guest Blog AI security Cybersecurity DevOps GUAC Kusari Kusari Inspector Open Source Security OpenSSF SLSA Software Dependencies Software Supply Chain vulnerability management

Leading Tech Coalition Invests $12.5 Million Through OpenSSF and Alpha-Omega to Strengthen Open Source Security

Blog AI security Alpha-Omega Artificial Intelligence Cybersecurity Investment Linux Foundation Maintainer Support Open Source Security OpenSSF Software Supply Chain vulnerability management

Building Security in Open Source for Financial Services: OpenSSF at Open Source Finance Forum (OSFF) NYC

OpenSSF sponsored the Open Source Finance Forum in New York, highlighting how collaboration between open source maintainers and the financial sector drives stronger cybersecurity. Talks covered AI security, the OSPS Baseline, and stabilizing vulnerability data, helping financial institutions build trust and resilience through open source.

Blog AI security Bloomberg CRob Robinson CVE Cybersecurity Financial Services FINOS IBM Jamie Thomas Kusari Linux Foundation Michael Lieberman NVD open source collaboration Open Source Finance Forum Open Source Security OpenSSF OSFF OSPS Baseline Secure Software Development Software Supply Chain Stephen Augustus vulnerability management

What’s in the SOSS? Podcast #41 – S2E18 The Remediation Revolution: How AI Agents Are Transforming Open Source Security with John Amaral of Root.io

Podcast Agentic Systems AI Agents AI security Automation Container Security CRob Cybersecurity Developer Security Fix-First Approach John Amaral Linux Foundation LLMs Open Source Security OpenSSF Podcast Root.io Secure Open Source Shift Left Shift Out Software Supply Chain vulnerability management What’s in the SOSS

Key Takeaways from VulnCon 2025: Insights from the OpenSSF Community

Blog Cyber Resilience Act Open Source Security OpenSSF VulnCon 2025 vulnerability management