OpenSSF

As 2024 kicks off, here's where cloud-native supply chain security stands and what to expect in the immediate future ...

In October 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a white paper Software Identification Ecosystem Option Analysis. Following the release of that paper, the Department of Homeland Security (DHS), CISA's ...

The overall state of application security is likely to worsen if organizations fail to take note of advances in artificial intelligence (AI). Brian Behlendorf, general manager for the Open Source Security Foundation ...

Open source has a security problem, and that could have real-world impact when it affects critical infrastructure. According to research from Synopsis, 78% of code in codebases is open source, and 81% ...

OpenSSL has a new ‘critical’ bug. But it’s a secret until next month ...

OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing. Microsoft and Google ...

OpenSSF announced 19 new organizations have joined OpenSSF to help identify and fix security vulnerabilities in open source software and develop improved tooling, training, research, best practices, and vulnerability disclosure practices. Alan ...

The Open Source Security Foundation (OpenSSF) this week outlined a plan to better secure open source software by focusing on 10 streams of investment that, in total, would require more than $150 ...

It’s rare to see a community truly come together for the common good, but that’s exactly what happened yesterday within our open source community.  We cherished the opportunity to participate in a ...

The Open Source Security Foundation (OpenSSF) today launched an Alpha-Omega Project to improve the security of open source software using a $5 million initial investment provided by Microsoft and Google. Brian Behlendorf, ...