Your Voice Belongs Here: How to Get Involved in the OpenSSF Community
One of the most common misconceptions we hear in the OpenSSF community is that you need special permission to contribute. You do not.
Blog
Advancing Package Repository Security Through Collaboration
On February 2nd, the Open Source Security Foundation (OpenSSF) convened the OpenSSF Package Manager Security Forum, a cross-ecosystem working session focused on one of the most critical and complex challenges facing open source today: package repository security.
EU Cyber Resilience Act (CRA) in Practice @ FOSDEM 2026: From Awareness to Action
Over the past few years, the free and open source (FOSS) community has engaged deeply with the CRA, highlighting its significance and potential impact.
Security Slam 2026
Security Slam 2026 is a 30-day event that begins February 20 and culminates in an awards ceremony at KubeCon + CloudNativeCon Europe (KCCN EU).
Fill Out All The Margins 📖: OpenSSF Releases Compiler Annotations Guide for C and C++
OpenSSF’s new Compiler Annotations for C and C++ guide helps developers use compiler-specific annotations to communicate code intent to the compiler, improve diagnostics, improve optimizations, and provide stronger security and correctness guarantees.
Have a Security Lesson Worth Sharing? Submit a Talk at OpenSSF Community Day North America
OpenSSF Community Day North America is happening this year in Minneapolis, and the Call for Proposals (CFP) is open through February 15.
Join Us at Open Source SecurityCon Europe 2026 in Amsterdam
Open Source SecurityCon Europe is approaching, which means we’ll be gathering again in Amsterdam this spring for one of the most focused, practitioner-driven events in open source security. Save your spot, register now, and add your favorite sessions to your calendar from the agenda.
OpenSSF at FOSDEM 2026: From Policy to Practical Security
FOSDEM is one of Europe’s most important gatherings for open source communities, and OpenSSF will participate again in 2026. The event brings together developers, maintainers, researchers, and industry contributors for two days of technical talks, hallway discussions, and collaboration.