Each year, #OpenSSF focus on key security themes to strengthen the open source software supply chain. Our content calendar aligns with critical security topics, industry events, & #cybersecurity awareness initiatives. Learn how to contribute blog ideas: https://openssf.org/blog/2025/03/06/2025-openssf-content-themes-strengthening-open-source-security-throughout-the-year/

We’re excited to release the Secure Open Source Software Vision Brief 2025 during the #OpenSSF Policy Summit today, showcasing our progress and plans to secure OSS in critical infrastructure.

Download the Vision Brief: https://openssf.org/resources/publications/secure-open-source-software-vision-brief-2025/

The #OpenSSF February 2025 Newsletter is out! Get the latest on:

Community Days 2025 – Register for Denver & Amsterdam
OSPS Baseline – New framework to secure open source projects
CRA – What does it mean for you
A-O Report – Grants to improve security

https://openssf.org/newsletter/2025/02/26/openssf-newsletter-february-2025/

#LinuxFoundation und #OpenSSF helfen, die Anforderungen des #CRA umzusetzen | heise online https://www.heise.de/news/Linux-Foundation-und-OpenSFF-helfen-die-Anforderungen-des-CRA-umzusetzen-10275656.html #OpenSource #CyberResilienceAct

The Linux Foundation Europe and #OpenSSF communities are teaming up to help open source maintainers, manufacturers, and stewards navigate the EU Cyber Resilience Act (#CRA) and global cybersecurity regulations.

https://openssf.org/press-release/2025/01/31/linux-foundation-europe-and-openssf-launch-initiative-to-prepare-maintainers-manufacturers-and-open-source-stewards-for-global-cybersecurity-legislation/

Call for Proposals is OPEN for OpenSSF Community Day North America 2025!

Want to speak about securing the OSS supply chain? We encourage first-time speakers to apply! Join us in Denver on June 26, 2025 for this community-driven event.

Location: Denver, CO
CFP Deadline: March 23, 2025
Learn more & submit: https://openssf.org/blog/2025/01/29/openssf-community-day-na-2025-call-for-proposals-now-open/

The OpenSSF Scorecard keeps improving! With 7.6K installs and 3.4K repositories displaying badges, it’s become an essential tool for open source security. Get the full details in the Annual Report: https://hubs.la/Q0318XDQ0
#OSS #OpenSSF #Scorecard

The January 2025 OpenSSF Newsletter is here!

This month’s highlights include the OpenSSF Community Day NA 2025 CFP, exciting updates from Community Day India, insights on using OpenSSF Scorecard, and the latest What’s in the SOSS? podcast episode exploring OSS supply chain security. Plus, learn how you can help shape the community’s readiness for emerging regulations!

Read it all here: https://openssf.org/newsletter/2025/01/23/openssf-newsletter-january-2025/

Over 90% of modern apps rely on open source components, but are they secure?

The #OpenSSFScorecard helps assess #OSSsecurity yet adoption is uneven. A centralized dashboard like Ortelius could change the game.

Learn more: https://openssf.org/blog/2025/01/22/accelerating-openssf-adoption-unlocking-scorecard-insights-with-a-centralized-dashboard/

LF Research, OpenSSF, & LF Europe launch the Cybersecurity Readiness Survey & Best Practices Survey to explore best practices. Share your insights & shape the future!
https://www.research.net/r/MR35RMF
#CyberReadiness #OpenSSF

The FS-ISAC 2025 EMEA Summit CFP closes TOMORROW! OpenSSF community, don't miss this chance to share your expertise at the intersection of #Cybersecurity and the #FinancialSector. Submit your talk now! https://www.fsisac.com/events/2025-emea-summit

How ready is your organization for cybersecurity threats? Take the LF Research, OpenSSF, & LF Europe Cybersecurity Readiness & Best Practices Survey to share insights & shape global best practices.
https://www.research.net/r/MR35RMF
#CyberReadiness #OpenSSF

OpenSSF is securing the open source ecosystem! With over 100 members and thousands of contributors, we’re shaping the future of secure software development. Download the Annual Report to see our impact in 2024: https://hubs.la/Q0318XDQ0 #OSS #OpenSSF #SoftwareSecurity

New podcast episode! CRob chats with Kusari’s Michael Lieberman about securing the open source supply chain. From GUAC to SLSA, explore how #OpenSSF projects are reshaping security and how you can get involved.

Listen now https://openssf.org/podcast/2025/01/07/whats-in-the-soss-podcast-23-kusaris-michael-lieberman-talks-guac-slsa-and-securing-the-open-source-supply-chain/

Towards the end of 2024, OpenSSF proudly hosted the inaugural #SOSSCommunity Day India, and we’re excited to share that it was a tremendous success!

Check out the wrap-up blog to relive the highlights and explore the key takeaways. https://openssf.org/blog/2025/01/03/soss-community-day-india-2024-wrap-up/

Back In Time is seeking help to create its own #OpenSSF #Scorecard

This is a #GoodFirstIssue

Details in the issue:
https://github.com/bit-team/backintime/issues/1993

#security #Backup #BackInTime #FOSS #OpenSource #Sustainability @openssf

#Sigstore creator, #Chainguard CEO, #OpenSSF TAC member and Season 1 guest Dan Lorenc returns to the #ITOps Query podcast to discuss the year in #opensource and #cybersecurity. Topics range from #softwaresupplychain management, hardening #containerimages and #SBOMs in limbo to #openproduct companies and business models, including his own company's shift in focus this year. Plus: a look ahead to #SecOps and #AI in 2025. #yearinreview #2024yearinreview

https://www.podbean.com/ew/pb-ivy26-1778bf6

Sichere Software entwickeln: Kostenlose Tools und Fortbildungen bei der #OpenSSF | Developer https://www.heise.de/news/Sichere-Software-entwickeln-Kostenlose-Tools-und-Fortbildungen-bei-der-OpenSSF-10194022.html #OpenSource

How can we better assess and visualize security practices in development?

In Ep 9 of Nerding Out With Viktor, Chris Swan explains how OpenSSF Scorecards go beyond just checking for security tools, by evaluating their real-time effectiveness.

With outputs from tools like SonarCloud and a radar chart visualization, Scorecards can provide a clear view of security health, driving continuous improvement in open-source security.

https://vpetersson.com/podcast/S01E09.html