Skip to main content

Mar 7, 2024 | OpenSSF

In Blog

OpenSSF and CISA Join Forces to Secure Open Source Software

In today's dynamic technological landscape, open source software (OSS) holds a crucial position. An average of 77%-90% of any given piece of modern software is OSS. Recognizing its significance, the US Cybersecurity and Infrastructure Security Agency (CISA) recently concluded a two-day Open Source Software (OSS) Security Summit in March 2024,… Read more.
OpenSSF GUAC

Mar 7, 2024 | OpenSSF

In Blog

Graph for Understanding Artifact Composition (GUAC): Joins OpenSSF as Incubating Project

The Graph for Understanding Artifact Composition (GUAC) maintainers are pleased to announce the project has joined the Open Source Security Foundation (OpenSSF) as an Incubating Project. GUAC is an open source supply chain security project that provides dependency management and actionable insights into the security of software supply chains. GUAC… Read more.

Mar 5, 2024 | OpenSSF

In Blog

OpenSSF Scorecard: Evaluating and Improving the Health of Critical OSS Projects

OpenSSF Scorecard is a way for maintainers and users of open source projects to better understand the security of a given project. Maintainers can get feedback on the security of their project, and suggestions on how to make it more secure. Users of open source software can use Scorecard results… Read more.
OpenSSF Scorecard Tech Talk

Mar 4, 2024 | OpenSSF

In Blog

Come to First OpenSSF Tech Talk of the Year on Scorecard

Join our first Tech Talk of 2024, where organizations will discuss the importance of adopting OpenSSF Scorecard.  OpenSSF Scorecard helps open source maintainers improve their security best practices and helps consumers judge whether their dependencies are safe. Read more.

Mar 4, 2024 | OpenSSF

OpenSSF, Linux Foundation Training & Certification, and CNCF Announce Scholarships to Support Women in Jordan Entering the Cybersecurity Field in Collaboration with US White House National Security Council

AMMAN, JORDAN, March 4, 2024 – Open Source Security Foundation (OpenSSF), Linux Foundation Training and Certification (LF T&C), and Cloud Native Computing Foundation (CNCF) are thrilled to announce an initiative in celebration of Women's History Month. In collaboration with the US White House National Security Council (NSC), we are proud… Read more.

Feb 27, 2024 | OpenSSF

In Blog

Golden Egg Award: Celebrating Exceptional Contributions in the OpenSSF Community

In Open Source Security Foundation (OpenSSF), we shine a light on those who go above and beyond in enriching our community. The Golden Egg Awards recognize individuals as the driving force behind innovation. More than just a token of appreciation, the Golden Egg symbolizes gratitude for their selfless dedication to… Read more.

Feb 26, 2024 | OpenSSF

In Blog

SOSS Community Day North America (NA) Agenda Live

We're excited to announce that the agenda for Secure Open Source Software (SOSS) Community Day NA on April 15, 2024 is now available! Join us for a day of technical talks, panels, and a Table Top Exercise (TTX). SOSS Community Day is co-located with Open Source Summit North America in… Read more.

Feb 26, 2024 | OpenSSF

In Blog

OpenSSF Supports White House’s Efforts to Build More Secure and Measurable Software

The US Office of the National Cyber Director (ONCD) report Back to the Building Blocks: A Path Toward Secure and Measurable Software, was released today. The report provides valuable insights into strategies to improve software security. This paper emphasizes the importance of proactive measures in mitigating vulnerabilities by examining pivotal… Read more.

Feb 21, 2024 | OpenSSF

In Blog

Submit to Speak at SOSS Fusion 2024

The Secure Open Source Software (SOSS) Fusion Conference by the OpenSSF is a leading event for open source professionals, uniting diverse experts from software developers to CISOs and tech pioneers. It's not just an event; it's a push toward a more secure digital future. Read more.

Feb 20, 2024 | aliu

In Blog

OpenSSF Responds to US CISA RFI on Cybersecurity Risk and Secure by Design Software

OpenSSF has submitted a response to the Request For Information (RFI) on Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software issued by the US Cybersecurity and Infrastructure Security Agency (CISA). We have provided insightful feedback on making software secure by design, highlighting the critical… Read more.