OpenSSF is committed to working both upstream and with existing communities to advance open source security for all.
We foster collaboration, establish best practices, and develop innovative solutions to secure the development, maintenance, and consumption of open source software. OpenSSF is part of the nonprofit Linux Foundation.
- Visit our Projects page (https://openssf.org/projects/)
- AI/ML Security - explore the security risks associated with AI and ML and their impact on open source
- Diversity, Equity & Inclusion - foster a more diverse and inclusive cybersecurity workforce
- Best Practices for Open Source Developers — provide awareness, education, and guidance about security best practices
- Global Cyber Policy - collaborate on cybersecurity-related legislation, frameworks, and standards
- Securing Critical Projects — identify and help secure critical open source projects
- Securing Software Repositories — strengthen the security posture of software repositories
- Security Tooling — identify and provide state of the art, globally accessible security tools
- Supply Chain Integrity — ensure the provenance of open source code
- Vulnerability Disclosures — enable efficient vulnerability reporting and remediation
For any questions, concerns, reports, etc., please email operations@openssf.org.
- Join the OpenSSF Slack
- Subscribe to the [OpenSSF monthly newsletter] (https://openssf.org/sign-up/)
- Join one of the OpenSSF Mailing Lists
- Attend Working Group, Special Interest Group (SIG), and Project meetings, which can be found on our Community Calendar
- For more ways to participate, visit our Get Involved page
We encourage all individual contributors to work with their employers to become members. We aim to grow an active, healthy community of contributors, reviewers, and code owners. Learn more about the requirements and responsibilities of membership in our Membership page or see current members.
