We’re investigating the impact of open source collaboration to solve the world’s most pressing challenges.

LF Research about page cover tiles

About LF Research

LF Research publishes actionable and decision-useful insights into open source software, hardware, standards, and data based on empirical research methodologies. Through leveraging community networks, project databases, surveys, and qualitative findings, and through its commitment to best practices in primary research, Linux Foundation Research is the definitive home for data-driven insights into open source for the benefit of governments, enterprises, and society at large.

Featured Research: Open Source For Sustainability

Linux Foundation Research set out to understand how the open source community has advanced the United Nations' Sustainable Development Goals (SDGs), conducting a comprehensive study of the LF’s diverse portfolio of projects.




Participate in our surveys, give back to your community, and earn events and training discounts!

Interested in conducting research?

Review our prospectus for more information, and email us at



Addressing Cybersecurity Challenges in Open Source Software

Download Report


While open source software is ubiquitous and generally regarded as being secure, software development practices vary widely across projects regarding application development practices, protocols to respond to defects, or lack of standardized selection criteria to determine which software components are more likely to be secure. Consequently, software supply chains are vulnerable to attack, with implications and challenges for open source project communities.

To help improve the state of software supply chain security, new research was conducted in partnership with the Open Source Security Foundation (OpenSSF), Snyk, the Eclipse Foundation, CNCF, and CI/CD Foundation as a means to help focus efforts in programming, incentives, and other resourcing to support the creation of more secure software.

In April of 2022, LF Research and its partners fielded a survey comprising 539 open source software maintainers and core contributors and qualitative interviews from a subset of those individuals. This report identifies the most acute software security development gaps and challenges, including at the organizational level, where policies requiring security protocols are in short supply, and dependencies are not effectively managed. 


  • Linux Foundation Research Team
  • Foreword by Brian Behlendorf, General Manager, Open Source Security Foundation

Additional Resources

Our Team

Filter by: