This month, we present a spotlight on the SBOM Everywhere initiative, housed under the OpenSSF Security Tooling Working Group. The mission of the Security Tooling Working Group is to identify, evaluate, improve, develop & ease deployment of universally-accessible, developer focused tooling to help the open source community secure their code.
Through funding by the OpenSSF’s Alpha-Omega Project, the Python Software Foundation (PSF) has hired a new security developer in residence as part of a year-long security enhancement initiative. PSF announced their intention to fill this role back in January, and after a thorough search, they have chosen Seth Michael Larson!
SBOMs enable organizations to identify vulnerabilities, track open-source usage, and ensure compliance with numerous licensing obligations. Having a “single source of truth” for security and licensing information helps everyone. Let’s take a look at why SBOM Generators need to accurately represent Open Source Licenses.
We’re pleased to announce we are hosting OpenSSF Day at Open Source Summit Europe on Monday, September 18th and the call for proposals is now open. The full day program will feature keynotes from Open Source Security Foundation (OpenSSF) contributors and thought leaders. This is your chance to meet fellow open source community members and get…
Within the OpenSSF Supply Chain Integrity Working Group (SCI WG), we’re hosting a global community of individuals and organizations collaborating on scalable standardized attestable practices for supply chain security. Along the way we’re developing a shared vocabulary for the industry, a common problem model, and uniform frameworks spanning languages and ecosystems.
We’re delighted to invite you to Singapore’s inaugural Open Source Security Foundation (OpenSSF) Meetup on the evening of Thursday, the 8th of June at the AWS Singapore Office to discuss how we can address cybersecurity challenges locally and globally.
Join us for a conversation with new OpenSSF General Manager, Omkhar Arasaratnam, veteran cybersecurity and technical risk management executive with more than 25 years of experience leading global organizations. In this Q&A, Omkhar covers everything from the challenges he foresees in his role to what he thinks is the most important factor to keep in…
We recently hosted OpenSSF Day at the Open Source Summit North America in Vancouver, BC with a full day of session presentations, panels, and lightning talks around the current state of open source security. If you weren’t able to attend, the videos are now available on our YouTube channel to view, and here are a…
Where we are with SBOMs and where may the community go in the future? At the 2023 SBOM Devroom, hosted at FOSDEM 2023 in Brussels, participants discussed various topics related to generating, understanding, managing, and converting Software Bill of Materials (SBOMs).
OpenSSF, in collaboration with Linux Foundation Research, recently launched a new survey to better understand OpenSSF Software Security Awareness. Please take the survey today to share your feedback about our initiatives and how we can improve. We want to hear from you!
