Press Release

Event aims to create a more secure open source future by covering high-priority topics and offering workshops and industry expert insights

WASHINGTON — October 22, 2024 — The Open Source Security Foundation (OpenSSF) announced the opening of the Secure Open Source Software (SOSS) Fusion Conference in North America in Atlanta, GA, today. This event unites a diverse community of professionals, including public sector leaders, software developers, security engineers, students, cybersecurity experts, CISOs, CIOs, founders, and tech pioneers. With a robust agenda covering AI security, critical open source security projects, public policy, and today’s most pressing security topics, SOSS Fusion offers a comprehensive look at OpenSSF’s initiatives that’s aimed at simplifying security for developers, and will help them prepare to shape a safer digital world in 2025 and beyond. 

The OpenSSF supports a vibrant, active community developing tools and best practices to aid developers on their security journey. With 7,500-plus projects in the OpenSSF Best Practices Badge program, the foundation remains committed to educating and influencing the broader community through thought leadership in open source security. This year, OpenSSF staff and community members have presented at over 30 meaningful events, such as VulnCon, OSPOs for Good, OECD Global Forum on Digital Security for Prosperity, and Grace Hopper Celebration, among others.

This event aims to strengthen the community by bringing together industry leaders, developers, project maintainers, students, and security researchers. Together, they will exchange actionable insights and introduce state-of-the-art tools to improve the security of open source software for everyone. Participants will stay informed about the latest advancements in open source security.

“When I look at the lineup of topics at SOSS Fusion and speakers I am reminded of our amazing community. I see an excellent mixture of our seasoned members and projects alongside new and exciting voices joining us for the first time,” said CRob, chief security architect at OpenSSF. “The sessions cover important key topics ranging from AI and machine learning security, to some of our newest projects, like Zarf. This event will be valuable to attendees and will showcase the most innovative ideas and initiatives the open source community has to offer.”

Along with notable keynote sessions and workshops, the agenda will highlight key themes from Cisco, Google, Kusari, and Linux Foundation executives including:

• Scorecard at Scale: Old and New Possibilities for Lifting Security on All Repositories — Jeff Mendoza, Kusari, and Stephen Augustus, Cisco Systems, Inc. 
• End-to-End Secure ML Development — Mihai Maruseac, Google
• Artificial Intelligence Cyber Challenge (AIxCC): Overview and Releasing Research as Open Source Software — David A. Wheeler and Jeff Diecks, Linux Foundation

Recorded sessions will be available on demand approximately two weeks after the event. Sign up for the OpenSSF newsletter to receive notifications about the recorded sessions, and visit the website to learn more about becoming an OpenSSF member.

About the OpenSSF

The Open Source Security Foundation (OpenSSF) is a cross-industry initiative by the Linux Foundation that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaborating and working upstream and with existing communities to advance open source security. For more information, please visit us at openssf.org.

Media Contact:

Jennifer Tanner
Look Left Marketing
openssf@lookleftmarketing.com

Engaging Sessions Led by Industry Experts Will Empower Attendees With the Knowledge, Tools, and Connections to Drive Innovation and Enhance Security in the Open Source Ecosystem

WASHINGTON — September 26, 2024 — The Open Source Security Foundation (OpenSSF) is pleased to announce the agenda for its inaugural Secure Open Source Software (SOSS) Fusion Conference, which will take place October 22-23, 2024, in Atlanta, Ga. Featuring presentations covering a variety of high-priority topics, including AI security, diversity, OSS consumption and public policy, the conference will bring together a diverse group of professionals from both the public and private sectors — software developers, security engineers, cybersecurity experts and leaders, founders, tech pioneers and policymakers — to collaborate on creating a more secure open source future. 

In the wake of recent high-profile incidents including XZ Utils, there has been an industry-wide pivot to focus on creating and implementing programs and best practices to bolster open source security. SOSS Fusion will unite key stakeholders for discussions, training and community-building opportunities to advance a more secure digital future. The program will feature keynotes from industry leaders, including:

• Decoding the AI Revolution; Implications for Security and Society: AI Security Matters: Bruce Schneier, renowned security technologist and best-selling author
• Window Snyder, founder and CEO at Thistle Technologies (session details forthcoming)
• Enshittification Was a Choice: Cory Doctorow, science fiction author, activist and journalist
• Government’s Continuing Path Contributing Towards a Secure Open Source Ecosystem: Timothy Pepper, senior technical advisor, open source software security, U.S. Cybersecurity and Infrastructure Security Agency (CISA)
• Setting the Standard — Safely Operationalizing OSS Contributions: Brenton Stevens, open source compliance manager, Fannie Mae
• There Is Just One Way to Do Open Source Security: Together: Marten Mickos, CEO, HackerOne

“Security in the open source world is not just about technology; it’s about building a culture of collaboration and trust,” said Arun Gupta, vice president and general manager of Open Ecosystem Initiatives at Intel and OpenSSF governing board chair. “At SOSS Fusion, we’re bringing together the best minds in the industry to address the pressing challenges of our time, from AI security to diversity and public policy. This conference is an essential step towards creating a safer, more inclusive digital future.”

It will also showcase workshops on the latest security technologies, panel discussions on emerging cyber threats, and networking opportunities with peers and industry leaders. Agenda highlights include:

• Building Developer Confidence in Software Security With the DevRel Community [Panel]: Katherine Druckman, Intel Corporation; Tabatha DiDomenico, G-Research; Lori Lorusso, Percona
• Assessing Open Source Software Projects in the Software Supply Chain: Scott Hissam, Carnegie Mellon Software Engineering Institute, and Joshua “CoCo” Crisp, Unified Platform (USCYBERCOM)
• Trojan Model Hubs: Hacking the ML Supply Chain and Defending Yourself from Threats: Sam Washko and William Armiros, Protect AI
• Navigating the Quantum Readiness Journey: Hands-on Guidance for Starting Your Migration: Eric Mizell, Keyfactor
• Is Diversity the Top Ingredient in Your SBOM?: Rao Lakkakula and Tunji Taiwo, JPMorgan Chase

Registration for SOSS Fusion 2024 is now open. To learn more about the event, including sponsorship opportunities, please visit the event website.

About the OpenSSF

The Open Source Security Foundation (OpenSSF) is a cross-industry initiative by the Linux Foundation that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaborating and working upstream and with existing communities to advance open source security. For more information, please visit us at openssf.org.

Media Contact:

Jennifer Tanner
Look Left Marketing
openssf@lookleftmarketing.com

AMMAN, JORDAN, March 4, 2024 – Open Source Security Foundation (OpenSSF), Linux Foundation Training and Certification (LF T&C), and Cloud Native Computing Foundation (CNCF) are thrilled to announce an initiative in celebration of Women’s History Month. In collaboration with the US White House National Security Council (NSC), we are proud to support the women of Jordan by launching a pilot program offering 250 free security courses and certifications, including specialized certifications in Kubernetes and Cloud Native Security.

This initiative is a testament to our commitment to diversity, equity, and inclusion in the technology and cybersecurity fields. By providing complementary security certifications, we aim to break down barriers and create opportunities for women in Jordan, fostering a more inclusive and diverse workforce. As cybersecurity continues to experience challenges in finding enough skilled workers, this program will help build capacity in the workforce.

The pilot program is sponsored by OpenSSF and LF T&C, organizations dedicated to advancing open source software security and providing high-quality training and certification programs.

“Today’s announcement creates exciting opportunities for Jordan women to learn critical skills to enter the cybersecurity workforce and contribute to Jordan’s national security,” said Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies. “We applaud OpenSSF and the Linux Foundation for investing in women by granting these scholarships, which will strengthen our collective cybersecurity.” 

“It is an honor to provide these scholarships to the women of Jordan in recognition of International Women’s Day and this year’s theme, ‘Inspire Inclusion,'” said Clyde Seepersad, SVP, General Manager, Training & Certification at Linux Foundation. “Supporting the careers of all women and increasing the supply of skilled cybersecurity professionals are both of vital, global interest.”

Omkhar Arasaratnam, General Manager of OpenSSF, added, “OpenSSF is a proud supporter of cybersecurity capacity building in diverse communities. Our Diversity Equity and Inclusion (DEI) work group and Education Special Interest Group (SIG) have made great progress toward these goals. We’re proud to collaborate on this initiative. We believe that providing opportunities for women in cybersecurity is not just the right thing to do; it is essential for building workforce capacity and the diversity of thought required to address tomorrow’s cybersecurity challenges.”

# # # 

Media Contacts:

Jennifer Bly

OpenSSF

jbly@linuxfoundation.org 

J Scott Punk

Linux Foundation Training & Certification

jspunk@linuxfoundation.org  

Samantha L. Reposa

National Security Council

Samantha.L.Reposa@nsc.eop.gov

About the OpenSSF:

The Open Source Security Foundation (OpenSSF) is a cross-industry initiative by the Linux Foundation that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaborating and working upstream and with existing communities to advance open source security. For more information, please visit us at openssf.org. 

About the Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenSSF, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

About the National Security Council (NSC):

The National Security Council (NSC) is the President’s principal forum for considering national security and foreign policy matters with his or her senior advisors and cabinet officials. Since its inception under President Truman, the Council’s function has been to advise and assist the President and to coordinate matters of national security among government agencies. For more information, please visit whitehouse.gov/nsc/.