Posts by tag

OpenSSF

6 posts
View Post
  • 4 min

The Linux Foundation And Harvard’s Lab For Innovation Science Release Census Of Most Widely Used Open Source Application Libraries

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the final release of “Census II of Free and Open Source Software – Application Libraries.” This follows the preliminary release of Census II, “Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software” and identifies more than one thousand of the most widely deployed open source application libraries found from scans of commercial and enterprise applications. This study informs what open source packages, components and projects warrant proactive operations and security support. The original Census Project (“Census I”) was conducted in 2015 to identify which…
View Post
Share
View Post
  • 3 min

The Linux Foundation Releases The State Of Software Bill Of Materials (SBOM) And Cybersecurity Readiness Research

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, in partnership with OpenSSF, SPDX, and OpenChain, today announced the availability of the first in a series of research projects to understand the challenges and opportunities for securing software supply chains. “The State of Software Bill of Materials and Cybersecurity Readiness” reports on the extent of organizational SBOM readiness and adoption tied to cybersecurity efforts. The study comes on the heels of both the U.S. Administration’s Executive Order on Improving the Nation’s Cybersecurity and the recent White House Open Source Security Summit. Its timing coincides with increasing recognition…
View Post
Share
View Post
  • 3 min

The OpenSSF And The Linux Foundation Address Software Supply Chain Security Challenges at White House SummitThe OpenSSF and the Linux Foundation Address Software Supply Chain Security Challenges At White House Summit

Today marks an important moment in the Linux Foundation’s history of engagement with public sector organizations. The White House convened an important cross-section of the Open Source developer and commercial ecosystem along with leaders and experts of many U.S. federal agencies to identify the challenges present in the open source software supply chain and share ideas on ways to mitigate risk and enhance resilience. At the meeting, the Linux Foundation and the Open Source Security Foundation (OpenSSF) represented their hundreds of communities and projects by highlighting collective cybersecurity efforts and sharing their intent to work with the administration across public…
View Post
Share
View Post
  • 4 min

Open Source Security Foundation (OpenSSF): Reflection And Future

  The Open Source Software Foundation (OpenSSF) officially launched on August 3, 2020. In this article, we’ll look at why the OpenSSF was formed, what it’s accomplished in its first six months, and its plans for the future. The world depends on open source software (OSS), so OSS security is vital. Various efforts have been created to help improve OSS security. These efforts include the Core Infrastructure Initiative (CII) in the Linux Foundation, the Open Source Security Coalition (OSSC) founded by the GitHub Security Lab, and the Joint Open Source Software Initiative (JOSSI) founded by Google and others. It became…
View Post
Share
View Post
  • 4 min

New Open Source Contributor Report Fom Linux Foundation And Harvard Identifies Motivations And Opportunities For Improving Software Security

The Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) announced the release of a new report, “Report on the 2020 FOSS Contributor Survey,” which details the findings of a contributor survey administered by the organizations and focused on how contributors engage with open source software. The research is part of an ongoing effort to study and identify ways to improve the security and sustainability of open source software. The FOSS (Free and Open Source Software) contributor survey and report follow the Census II analysis released earlier this year. This combined pair of…
View Post
Share
View Post
  • 8 min

Open Source Security Foundation Announces Education Courses And Participation Initiatives To Advance Its Commitment To Securing The World’s Software Infrastructure

OpenSSF, a cross-industry collaboration to secure the open source ecosystem, announced free training for developing secure software, a new OpenSSF professional certificate program called Secure Software Development Fundamentals and additional program and technical initiatives. It is also announcing new contributors to the Foundation and newly elected advisory council and governing board members. Open source software has become pervasive across industries, and ensuring its security is of primary importance. The OpenSSF, hosted at the Linux Foundation, provides a structured forum for a collaborative, cross-industry effort. The foundation is committed to working both upstream and with existing communities to advance open source…
View Post
Share