Are you curious about the latest and greatest in securing open-source software? Then #OpenSSF Day Europe is for you! Register for our September 18 event in person in Bilbao, Spain, or virtually in cyberspace here: https://events.linuxfoundation.org/openssf-day-europe/register/

Want to stay in touch with #OpenSSF initiatives, news, and events? ✉️ Join our newsletter! ✉️

Our next publication goes out on September 5!

Sign up here👇

https://openssf.org/sign-up/

Panel on Creative, Inclusive & Sustainable #Cybersecurity - Getting it Done with #DEI with Sal Kimmich, Anova Hou, Christine Abernathy, Amanda Brock, and Eddie Knight at #OpenSSF Day NA. Watch the full discussion at: https://www.youtube.com/watch?v=PSRxE5GKHeI

@lrasmus - I was cleaning out old emails and saw your post about #OpenSSF Badges (https://bssw.io/items/openssf-best-practices-badge-program). Did you ever get any traction on that? Find anyone using or having tried badges?

🛎️🚨In case you missed this folx, do not forget to register for this event unless you miss talks about #SBOM, #Sigstore, #SLSA, and many more and it is FREE for virtual attendances, what are you waiting for go and register! 🥳
#openssf #theopenssf #openssfday
https://events.linuxfoundation.org/openssf-day-north-america/register/

This is an amazing opportunity for you folx to work with the great people within the #OpenSSF, do not forget to apply if you are interested in driving the about software supply chain space with the rest of the #OpenSSF community!

They just listed 3 new job openings:
✅ Chief Architect
✅ Technical Project Manager
✅ Ecosystem Strategist

Links to each are on their website homepage 👇

https://openssf.org

I'm glad to announce that
#OpenSSF Day was announced a while ago 🥳

Registration and the call for proposals are now open🙉

Take advantage of that opportunity to save your seat in this beautiful event as a speaker and apply immediately! 🥇

/cc @tracymiranda @steveonjava @duane
➡️https://events.linuxfoundation.org/openssf-day-north-america/program/cfp/

My article just scratches the surface. Be sure to check out the presentations and videos of the sessions that are now posted https://events.linuxfoundation.org/cloudnativesecuritycon-north-america/ #CNScon #devsecops #cloudsecurity #kubecon #shiftleft #cncf #openssf 2/2

Really enjoyed #CloudNativeSecurityCon a few weeks ago in Seattle. ICYMI: here are my top takeaways https://bit.ly/3K6k5T7 via @SearchSecurity
#CNScon #devsecops #cloudsecurity #kubecon #shiftleft #cncf #openssf

Open Source Security Foundation (#OpenSSF) 2022 Annual Report

Paper
https://openssf.org/wp-content/uploads/sites/132/2022/12/OpenSSF-Annual-Report-2022.pdf

Might be a bit late to the party on this one, but the #OpenSSF 2022 report is here: https://openssf.org/wp-content/uploads/sites/132/2022/12/OpenSSF-Annual-Report-2022.pdf

@thomasfricke
Oh yeah, for automatic systems and package signing it's of course still one of the most established tool 👍

Thanks for mentioning #sigstore - I have it, and the #OpenSSF projects, on my list for next year

Securing #opensource 👍🏻 #openssf Alpha-Omega Project First Year In Review, Plus New Funding Pledge from #aws - We’ve provided funding to improve security in five critical open source projects: Node.js, the #Eclipse Foundation, the #Rust Foundation, jQuery, and the #Python Software Foundation. https://openssf.org/blog/2022/12/14/alpha-omega-project-first-year-in-review-plus-new-funding-pledge/ #infosec

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

https://www.microsoft.com/en-us/security/blog/2022/11/16/microsoft-contributes-s2c2f-to-openssf-to-improve-supply-chain-security/

#appsec #prodsec #supplychain #openssf #s2c2f

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

https://www.microsoft.com/en-us/security/blog/2022/11/16/microsoft-contributes-s2c2f-to-openssf-to-improve-supply-chain-security/

#appsec #prodsec #supplychain #openssf #s2c2f

#introduction I’m a US based cyber security engineer focused on #cloudnative solutions for #softwaresupplychain security and #zerotrust archictectures. I work in the #govtech space, but also participate heavily in #opensource through the #cncf and the #openssf. I have two liberal arts degrees (philosophy and “divinity”) and before getting into tech worked in religious education for middle/high school and college students. I still use the writing and speaking skills that previous career taught me as an occasional blogger (https://medium.com/@alexfloydmarshall), freelance writer, and contributor to CNCF #tag-security publications.

US White House joins #OpenSSF and there #LinuxFoundation in securing #FOSS.

https://www.zdnet.com/article/white-house-joins-openssf-and-the-linux-foundation-in-securing-open-source-software/