📣 Take the 2024 Secure Software Development Education Survey today!

Together we’re securing open source software for the public good.

Join the Community

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Collaborate on capabilities and best practices that secure open source software.

Start a Conversation

Participate in the latest community conversations and engage with experts.

Take Security Training

Take free courses on secure coding practices as part of our certificate program.

Read our Security Guides

Explore our helpful security guides to help secure your project from the start.

October 22-23, 2024
Atlanta, Georgia
#SOSSFusion

Get a taste for all ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments.

Listen Now

Read the Latest Reports From OpenSSF

Plan for Improving Software Developer Security Education

2023 Annual Report

Cybersecurity in Energy Infrastructure Whitepaper

Recent Blog Posts

Blog Guest Blog

April 17, 2024

Beyond Scores with OpenSSF Scorecard: Granular Structured Results for Custom Policy Enforcement

OpenSSF Scorecard is a tool to help open source projects reduce software supply-chain risks. Scorecard analyzes projects against a series of heuristics and generates scores from 0–10 for the project…

OpenSSF

Blog

April 15, 2024

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

The recent attempted XZ Utils backdoor (CVE-2024-3094) may not be an isolated incident as evidenced by a similar credible takeover attempt intercepted by the OpenJS Foundation, home to JavaScript projects…

OpenSSF

Blog

April 15, 2024

Unveiling the Golden Egg Award Winners: Celebrating Excellence in Open Source Security

We’re excited to announce the winners of the Golden Egg Awards. These awards shine a light on those who go above and beyond in enriching our community. The Golden Egg…

OpenSSF

Blog

April 12, 2024

Sessions You Won’t Want to Miss at SOSS Community Day NA and Open Source Summit North America 2024

Get ready for the Secure Open Source Software (SOSS) Community Day NA and Open Source Summit North America 2024, next week in Seattle, Washington! These events are where open source…

OpenSSF

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

Join the growing list of organizations supporting the advancement of securing open source technology and funding the development and adoption of OpenSSF initiatives.

Explore Membership in OpenSSF

Mastodon

Together we’re securing open source software for the public good.

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

October 22-23, 2024
Atlanta, Georgia
#SOSSFusion

Read the Latest Reports From OpenSSF

Recent Blog Posts

Beyond Scores with OpenSSF Scorecard: Granular Structured Results for Custom Policy Enforcement

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

Unveiling the Golden Egg Award Winners: Celebrating Excellence in Open Source Security

Sessions You Won’t Want to Miss at SOSS Community Day NA and Open Source Summit North America 2024

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Get the latest announcements, event info, and the community news in your inbo

Together we’re securing open source software for the public good.

The Open Source Security Foundation (OpenSSF) is a community of software developers, security engineers, and more who are working together to secure open source software for the greater public good.

Contribute to Technical Initiatives

Start a Conversation

Take Security Training

Read our Security Guides

October 22-23, 2024 Atlanta, Georgia #SOSSFusion

Read the Latest Reports From OpenSSF

Recent Blog Posts

Beyond Scores with OpenSSF Scorecard: Granular Structured Results for Custom Policy Enforcement

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

Unveiling the Golden Egg Award Winners: Celebrating Excellence in Open Source Security

Sessions You Won’t Want to Miss at SOSS Community Day NA and Open Source Summit North America 2024

Open source software is pervasive in data centers, consumer devices, and applications. Securing open source software requires fostering collaboration, establishing best practices, and developing innovative solutions.

We envision a future where OSS is universally trusted, secure, and reliable. Join us in making open source more secure.

Subscribe to the OpenSSF Mailing List!

Get the latest announcements, event info, and the community news in your inbo

October 22-23, 2024
Atlanta, Georgia
#SOSSFusion