The Open Source Security Foundation (OpenSSF) is a cross-industry forum for collaborative improvement of open-source software security.[2][3] Part of the Linux Foundation, the OpenSSF works on various technical and educational initiatives to improve the security of the open-source software ecosystem.[4]
In October 2021, Brian Behlendorf was announced as the OpenSSF's first full-time general manager.[7] In May 2023, OpenSSF announced Omkhar Arasaratnam as its new general manager, and Behlendorf became CTO of the organization.[8]
Activityedit
Working Groups and Projectsedit
The OpenSSF houses various initiatives under its 8 current working groups.[9][10] The OpenSSF also houses two projects: the code signing and verification service Sigstore[11] and Alpha-Omega, a large-scale effort to improve software supply chain security.[12]
Policyedit
The White House held a meeting on software security with government and private sector stakeholders on January 13, 2022.[13] In May 2022, the OpenSSF hosted a follow-up meeting, the Open Source Software Security Summit II, where participants from industry agreed on a 10-point Open Source Software Security Mobilization Plan, which received $30 million in funding commitments.[14][15] In August 2023, the OpenSSF served as an advisor for DARPA's AI Cyber Challenge (AIxCC), a competition around innovation around AI and cybersecurity.[16] In September 2023, the OpenSSF hosted the Secure Open Source Software Summit with the White House, where government agencies and companies discussed security challenges and initiatives around open source software.[17]
^Anderson, Tim. "Linux Foundation rolls bunch of overlapping groups into one to tackle growing number of open-source security vulns". www.theregister.com. Retrieved 2023-05-22.
^Zorz, Mirko (2023-05-18). "Enhancing open source security: Insights from the OpenSSF on addressing key challenges". Help Net Security. Retrieved 2023-05-22.
^"OpenSSF Working Groups". Open Source Security Foundation. Retrieved 2023-05-22.
^Vizard, Mike (2022-10-27). "Sigstore Code Signing Service Becomes Generally Available". DevOps.com. Retrieved 2023-05-22.
^Vaughan-Nichols, Steven J. (2022-10-06). "Alpha-Omega Dishes out Cash to Secure Open Source Projects". The New Stack. Retrieved 2023-05-22.
^House, The White (2022-01-14). "Readout of White House Meeting on Software Security". The White House. Retrieved 2023-05-22.
^Vaughan-Nichols, Steven J. (2023-01-24). "OpenSSF Aimed to Stem Open Source Security Problems in 2022". The New Stack. Retrieved 2023-05-22.
^Page, Carly (2022-05-16). "Tech giants pledge $$ to boost open source software security". TechCrunch. Retrieved 2023-05-22.
^"DARPA AI Cyber Challenge Aims to Secure Nation's Most Critical Software". www.darpa.mil. Retrieved 2023-09-27.
^Vasquez, Christian (2023-09-13). "Washington summit grapples with securing open source software". CyberScoop. Retrieved 2023-09-27.
open, source, security, foundation, openssf, cross, industry, forum, collaborative, improvement, open, source, software, security, part, linux, foundation, openssf, works, various, technical, educational, initiatives, improve, security, open, source, software,. The Open Source Security Foundation OpenSSF is a cross industry forum for collaborative improvement of open source software security 2 3 Part of the Linux Foundation the OpenSSF works on various technical and educational initiatives to improve the security of the open source software ecosystem 4 Open Source Security FoundationAbbreviationOpenSSFPredecessorCore Infrastructure InitiativeFormation2020 4 years ago 2020 TypeNonprofitPurposeConsolidating industry efforts to improve the security of open source softwareLocationSan Francisco United StatesRegion servedWorldwideMembership94 1 General ManagerOmkhar ArasaratnamParent organizationLinux FoundationWebsiteopenssf wbr org Contents 1 History 2 Activity 2 1 Working Groups and Projects 2 2 Policy 3 See also 4 References 5 External linksHistory editThe OpenSSF was formed in August 2020 as the successor to the Core Infrastructure Initiative another Linux Foundation project 5 6 In October 2021 Brian Behlendorf was announced as the OpenSSF s first full time general manager 7 In May 2023 OpenSSF announced Omkhar Arasaratnam as its new general manager and Behlendorf became CTO of the organization 8 Activity editWorking Groups and Projects edit The OpenSSF houses various initiatives under its 8 current working groups 9 10 The OpenSSF also houses two projects the code signing and verification service Sigstore 11 and Alpha Omega a large scale effort to improve software supply chain security 12 Policy edit The White House held a meeting on software security with government and private sector stakeholders on January 13 2022 13 In May 2022 the OpenSSF hosted a follow up meeting the Open Source Software Security Summit II where participants from industry agreed on a 10 point Open Source Software Security Mobilization Plan which received 30 million in funding commitments 14 15 In August 2023 the OpenSSF served as an advisor for DARPA s AI Cyber Challenge AIxCC a competition around innovation around AI and cybersecurity 16 In September 2023 the OpenSSF hosted the Secure Open Source Software Summit with the White House where government agencies and companies discussed security challenges and initiatives around open source software 17 See also edit nbsp Free and open source software portalComputer security Open Security FoundationReferences edit Members Open Source Security Foundation Retrieved 2023 05 22 Google Microsoft GitHub and Others Join the Open Source Security Foundation infoq com Retrieved 10 August 2022 Uniting for better open source security The Open Source Security Foundation ZDNet Retrieved 10 August 2022 OpenSSF details advancements in open source security efforts VentureBeat 2022 06 21 Retrieved 2023 01 10 Anderson Tim Linux Foundation rolls bunch of overlapping groups into one to tackle growing number of open source security vulns www theregister com Retrieved 2023 05 22 Home Core Infrastructure Initiative Retrieved 2023 01 20 Tech giants commit 10M annually to Open Source Security Foundation VentureBeat 2021 10 13 Retrieved 2023 05 22 danwillis 2023 05 12 Cross industry organisation OpenSSF snaps up 5m FinTech Global Retrieved 2023 05 22 Zorz Mirko 2023 05 18 Enhancing open source security Insights from the OpenSSF on addressing key challenges Help Net Security Retrieved 2023 05 22 OpenSSF Working Groups Open Source Security Foundation Retrieved 2023 05 22 Vizard Mike 2022 10 27 Sigstore Code Signing Service Becomes Generally Available DevOps com Retrieved 2023 05 22 Vaughan Nichols Steven J 2022 10 06 Alpha Omega Dishes out Cash to Secure Open Source Projects The New Stack Retrieved 2023 05 22 House The White 2022 01 14 Readout of White House Meeting on Software Security The White House Retrieved 2023 05 22 Vaughan Nichols Steven J 2023 01 24 OpenSSF Aimed to Stem Open Source Security Problems in 2022 The New Stack Retrieved 2023 05 22 Page Carly 2022 05 16 Tech giants pledge to boost open source software security TechCrunch Retrieved 2023 05 22 DARPA AI Cyber Challenge Aims to Secure Nation s Most Critical Software www darpa mil Retrieved 2023 09 27 Vasquez Christian 2023 09 13 Washington summit grapples with securing open source software CyberScoop Retrieved 2023 09 27 External links editOfficial website OpenSSF on GitHub Retrieved from https en wikipedia org w index php title Open Source Security Foundation amp oldid 1185747565, wikipedia, wiki, book, books, library,
