Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Collaborate on capabilities and best practices that secure open source software.

Start a Conversation

Participate in the latest community conversations and engage with experts.

Take Security Training

Take free courses on secure coding practices as part of our certificate program.

Read our Security Guides

Explore our helpful security guides to help secure your project from the start.

Featured Projects

OpenSSF Scorecard

Assess open source projects for security risks through a series of automated checks.

Learn More

OSPS Baseline

Structured security requirements aligned with international frameworks, standards, and regulations.

Learn More

Sigstore

sigstore is a standard for signing, verifying, and protecting software.

Learn More

SLSA

Safeguarding artifact integrity across any software supply chain.

Learn More

What’s in the SOSS? Podcast

Listen on Apple Podcasts Listen on Spotify Listen on Overcast Listen on Pocket Casts

OpenSSF Hosted Events

OpenSSF events are a great opportunity to get involved with the OpenSSF community across the security and open source ecosystem. Join us and share ideas, progress, and collaborate on securing open source software.

Read the Latest Reports From OpenSSF

Secure Open Source Software Vision Brief 2025

2024 Annual Report

Alpha-Omega 2024 Annual Report

Recent Blog Posts

VIEW ALL BLOGS →

June 11, 2025

Maintainers’ Guide: Securing CI/CD Pipelines After the tj-actions and reviewdog Supply Chain Attacks

CI/CD pipelines are increasingly becoming high-value targets for attackers. With access to secrets, source code, and infrastructure, they offer a direct route to supply chain compromise. The recent breaches involving…

OpenSSF

Love0

Blog Guest Blog

June 6, 2025

From Sandbox to Incubating: gittuf’s Next Step in Open Source Security

We’re pleased to share that gittuf, a platform-agnostic Git security framework, has officially progressed to the Incubating Project stage under the Open Source Security Foundation (OpenSSF). This marks a major…

OpenSSF

Love0

Blog Guest Blog

June 5, 2025

Choosing an SBOM Generation Tool

Software Bills of Materials (SBOMs) are the foundational piece of understanding your software supply chain. By listing the components that go into your application, SBOMs give you a starting point…

OpenSSF

Love0

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

Join the growing list of organizations supporting the advancement of securing open source technology and funding the development and adoption of OpenSSF initiatives.

Explore Membership in OpenSSF

Mastodon

Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

Featured Projects

OpenSSF Scorecard

OSPS Baseline

Sigstore

SLSA

What’s in the SOSS? Podcast

OpenSSF Hosted Events

Read the Latest Reports From OpenSSF

Recent Blog Posts

VIEW ALL BLOGS →

Maintainers’ Guide: Securing CI/CD Pipelines After the tj-actions and reviewdog Supply Chain Attacks

From Sandbox to Incubating: gittuf’s Next Step in Open Source Security

Choosing an SBOM Generation Tool

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbox

Register for OpenSSF Community Day North America 2025

June 26, 2025 | Denver, Colorado

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

Featured Projects

OpenSSF Scorecard

OSPS Baseline

Sigstore

SLSA

What’s in the SOSS? Podcast

OpenSSF Hosted Events

Read the Latest Reports From OpenSSF

Recent Blog Posts

VIEW ALL BLOGS →

Maintainers’ Guide: Securing CI/CD Pipelines After the tj-actions and reviewdog Supply Chain Attacks

From Sandbox to Incubating: gittuf’s Next Step in Open Source Security

Choosing an SBOM Generation Tool

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Newsletter!

Get the latest announcements, event info, and the community news in your inbox