Skip to main content

As part of the Open Source Security Foundation (OpenSSF), many companies have adopted our tools and technology to improve their cybersecurity efforts. We invite you to join our community and contribute to the ongoing efforts in strengthening open source software security.

Feb 16, 2024

Scaling Up Supply Chain Security: Implementing Sigstore for Seamless Container Image Signing

In this blog post, we will explore how Yahoo leverages Sigstore, in concert with Athenz, an open source platform for managing X.509 certificates, as an internal Certificate Authority, to sign and verify container images.  Read more.
OpenSSF Scorecard Case Study IBM

Mar 20, 2023

Improving Supply Chain Security: IBM as a user and a contributor to Open Source Security Foundation Scorecard

Scorecard is becoming a key part of IBM’s review and curation of the open-source software in our products and services. IBM is committed to helping address the systemic security issues in modern SW supply chains and believes an important part of this effort is to help the open-source ecosystem improve… Read more.