Guest blog opportunities are open to members, with limited exceptions for active contributors and thought leaders. Share your insights on open source security with our community.
OpenSSF Blog
Feb 27, 2025 |
In Blog
FOSDEM 2025: OpenSSF Community Wrap Up
The Free and Open source Software Developers’ European Meeting (FOSDEM) is a non-commercial, volunteer-organized European event centered on free and open source software development. It is aimed at developers and anyone interested in the open source software movement. Read more.
Feb 25, 2025 |
OpenSSF Announces Initial Release of the Open Source Project Security Baseline
New Initiative Aims to Enhance Open Source Software Security Through Tiered Best Practices SAN FRANCISCO – February 25, 2025 – The Open Source Security Foundation (OpenSSF) is pleased to announce the initial release of the Open Source Project Security Baseline (OSPS Baseline). The Baseline initiative provides a structured set of… Read more.
Feb 20, 2025 |
Does the EU CRA affect my business?
The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024. It covers many types of devices and applications that are either sold or otherwise made commercially available on the European… Read more.
Feb 6, 2025 |
Securing Public Sector Supply Chains is a Team Sport
By Daniel Moch, Lockheed Martin Everyone—from private companies to governments—is aware (or is quickly becoming aware) that the security of their software supply chain is critical to their broader security and continued success. The OpenSSF exists in part to help organizations grapple with the complexity of their supply chains, promoting… Read more.
Jan 31, 2025 |
Linux Foundation Europe and OpenSSF Launch Initiative to Prepare Maintainers, Manufacturers, and Open Source Stewards for Global Cybersecurity Legislation
BRUSSELS – JANUARY 31, 2025 – Linux Foundation Europe and OpenSSF are excited to announce a global joint initiative to help prepare maintainers, manufacturers, and open source stewards for the implementation of the EU Cyber Resilience Act (CRA) and future cybersecurity legislation targeting jurisdictions around the world. This effort aims… Read more.
Jan 29, 2025 |
Alpha-Omega 2024 Annual Report
This post originally appeared on Alpha-Omega and has been revised for the OpenSSF. By Alpha-Omega We’re pleased to share our 2024 annual report. In it we try to convey the great progress in securing open source and our joy in seeing the increased security across so many open source ecosystems.… Read more.
Jan 29, 2025 |
In Blog
OpenSSF Community Day NA 2025: Call for Proposals Now Open!
The Call for Proposals (CFP) for OpenSSF Community Day North America is officially open through March 23, 2025! Co-located with Open Source Summit North America, this event will bring the open source community together in Denver, Colorado, on June 26, 2025, for a full day of engaging discussions and presentations… Read more.
Jan 23, 2025 |
Predictions for Open Source Security in 2025: AI, State Actors, and Supply Chains
Open source software is everywhere—used in almost every modern application—but the security challenges it faces continue to grow more serious. Relying on the backbone of volunteers, vulnerabilities now make it a prime target for cyberattacks by both malicious hackers and state actors. The close call with the xz Utils backdoor… Read more.
Jan 22, 2025 |
Accelerating OpenSSF Adoption: Unlocking Scorecard Insights with a Centralized Dashboard
Open source components are consumed by over 90% of modern applications. Their omnipresence stems from their cost-effectiveness, flexibility, and collaborative nature, making them a cornerstone of contemporary software development. However, this widespread use also makes it a critical weak link in software security. Many open source projects are maintained by… Read more.
Jan 3, 2025 |
In Blog
SOSS Community Day India 2024: Wrap Up
Towards the end of 2024, we hosted the inaugural SOSS Community Day India, and we’re thrilled to share that it was a resounding success! This remarkable event brought together some of the most active open source contributors in the industry for a day filled with sharing, learning, and collaboration Read more.