GUAC v0.8.0 Released
GUAC v0.8.0Â is now available. This release brings support for license information, node deletion, and many other improvements.
The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.
Collaborate on capabilities and best practices that secure open source software.
Participate in the latest community conversations and engage with experts.
Take free courses on secure coding practices as part of our certificate program.
Explore our helpful security guides to help secure your project from the start.
What’s in the SOSS? Podcast
Recent Blog Posts
Announcing SigstoreCon: Supply Chain Day!
Announcing SigstoreCon: Supply Chain Day!
Join us for SigstoreCon: Supply Chain Day! Co-located with Kubecon NA 2024 in Salt Lake City, attendees will learn about simplifying signing and verification for digital artifacts using Sigstore, as well as…
Mitigating Attack Vectors in GitHub Workflows
Mitigating Attack Vectors in GitHub Workflows
GitHub Actions are commonly used to automate processes in repositories, by running CI (continuous integration) tests on pull requests for example. It can also be used to make a package…
Call for Proposals: SOSS Community Day Japan 2024
Call for Proposals: SOSS Community Day Japan 2024
We are excited to announce that the OpenSSF is hosting Security of Open Source Software (SOSS) Community Day Japan 2024, scheduled for Wednesday, October 30, 2024. This one-day event will…
Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.
Join the growing list of organizations supporting the advancement of securing open source technology and funding the development and adoption of OpenSSF initiatives.