OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security
Open Source Security Foundation | 13 April 2023
Hello, Linux Foundation members and readers! Here are some updates from the Open Source Security Foundation (OpenSSF) in Q1 2023:
- OpenSSF Day is coming up on May 10, 2023, as part of the Open Source Summit North America in Vancouver. All are welcome to attend!
- In March, we held a Town Hall meeting where we shared updates on OpenSSF initiatives and answered questions.
- We are happy to welcome eight new members to the OpenSSF.
- OpenSSF participated in various industry events such as CloudNativeSecurityCon, FOSDEM, and State of OpenCon. We also hosted meetups in Tokyo and Hong Kong for the first time.
Coming up: OpenSSF Day North America
The OpenSSF Day North America agenda is now live! We will host a full day of interesting session presentations, panels, and lightning talks on May 10th during Open Source Summit North America in Vancouver, Canada. Plan to join us to discuss the latest and greatest in ongoing efforts to secure the open-source software supply chain.
Improving Open Source Security through Collaboration: March 2023 OpenSSF Town Hall Highlights
At the end of March 2023, we hosted an OpenSSF Town Hall. We shared updates from the various initiatives at the OpenSSF, including Alpha-Omega, SBOM Everywhere, and diversity, equity, and inclusion (DEI) efforts around open source security. Participants had an opportunity to ask questions. Review highlights and watch the recording.
OpenSSF Membership Growth Signals Technical Communities’ Continued Commitment to Investing in Security
We recently welcomed eight new members from leading technology firms. The total number of OpenSSF members is currently over 100, and organization membership saw an 88% growth in 2022 from a variety of different sectors. New OpenSSF general member commitments include Amesto Fortytwo, Code Intelligence, Kusari, Privado, Scotiabank, and Technology Innovation Institute (TII). New associate members include the Open Source Business Alliance – Bundesverband für digitale Souveränität e.V. and Python Software Foundation. We recently welcomed eight new members from leading technology firms. We are happy to see that technical communities continue demonstrating a strong commitment to investing in security now and in the future.
Participation in Community Events Across the Globe
The first-ever CloudNativeSecurityCon North America was an important event that gathered leaders and experts from across the industry to discuss the latest trends and challenges in cloud-native security. At the event, our GM Brian Behlendorf gave a keynote talk focusing on the future of OSS and software supply chain security.
During his talk, Behlendorf highlighted the potential new security threats that could emerge from the rise of AI systems like ChatGPT. He emphasized the importance of OSS projects preparing for this new future and ensuring their code is secure and resilient against these emerging threats.
The event was hosted by the Cloud Native Computing Foundation (CNCF) in Seattle, WA. It featured an OpenSSF booth where community members had the opportunity to discuss their current initiatives and recent accomplishments. This was a great opportunity for members to network and learn from each other and collaborate on future plans and projects.
In February, Brian discussed open source software security in Europe: first on a panel about open source software funding in Brussels, Belgium, during the Open Source Policy Summit, then talks on open source security at FOSDEM, and finally, a panel on international security policy at the State of OpenCon in London, UK.
We also hosted inaugural community meetups in Tokyo and Hong Kong that were well attended.
Latest News
We’ve been busy at the OpenSSF, and often share updates with the community on our blog. Here are a few recent posts you won’t want to miss. Check them out!
- OpenSSF Best Practices Working Group Provides Security Guidance and Tools for Open Source Developers - April 5, 2023
- Taking the Pulse of Leading Software Repositories’ Security - April 4, 2023
- Clarifying Sigstore Terms of Use - March 30, 2023
- The Role of Foundations in Securing OSS - March 28, 2023
- SBOM Everywhere Update and Python SPDX-Tools - March 27, 2023
- Improving Supply Chain Security: IBM as a user and a contributor to Open Source Security Foundation Scorecard - March 20, 2023
- New SLSA++ Survey Reveals Real-World Developer Approaches to Software Supply Chain Security - March 15, 2023
- SLSA v1.0 Release Candidate - March 9, 2023
- Why Open Source is Infrastructure, and Why it Matters - March 8, 2023
- How to Make High-Quality SBOMs - March 2, 2023
- Spotlight on OpenSSF Board Member: Vincent Danen, Vice President of Product Security, Red Hat - February 14, 2023
- Independent Security Audit Impact Report - February 1, 2023
- Spotlight on OpenSSF Board Member: Tracy Ragan, CEO, DeployHub - January 18, 2023
How You Can Help Secure the OSS Supply Chain
We remain committed to ensuring the open source software ecosystem is secure for all. We’d love it if you and your organization could get involved in the OpenSSF. This could range from participating in our working groups to joining our Slack or mailing list.
We look forward to working with you to help secure the entire OSS ecosystem!
Similar Articles
Browse Categories
2023 Compliance and Security Cloud Computing Open Source Projects Linux How-To Diversity & Inclusion 2024 Open Source Best Practices Blog LF Research 2022 Newsletter Training and Certification Linux Foundation Cross Technology Research LFX cybersecurity software development AI Legal Linux Topic: Data lf blog Announcements Cloud Native Computing Foundation Networking and Edge OpenSearch linux blog project news research report Data Governance Energy Featured Events Financial Services In the news Industry: Finance Industry: Fintech Interoperability LF Energy Open Mainframe Open Models OpenChain System Administration This week at FINOS Topic: Security Topic: Sustainability brand perception confidential computing challenges eBPF generative AI human capital kernel license compliance maintainer openssf sbom tech talent techtalentsurvey