The Open Source Security Foundation (OpenSSF) is an industry-backed foundation focused on strengthening the security of the global open source software ecosystem. It brings together major technology companies, cloud providers, open source communities, and security experts to address systemic security challenges that affect how software is built, distributed, and consumed.

OpenSSF was launched in 2021 and operates under the Linux Foundation, combining efforts from earlier initiatives such as the Core Infrastructure Initiative (CII) and industry-led supply chain security programs. Its mission is to make open source software more trustworthy, resilient, and secure by default, without placing unrealistic burdens on maintainers.

The foundation works across several key areas:

- Supply chain security: Developing frameworks, best practices, and tools to secure the software lifecycle from source to deployment. This includes stewardship of projects like sigstore and leadership on SLSA (Supply-chain Levels for Software Artifacts).

- Security tooling: Supporting and incubating open source tools that help developers detect, prevent, and remediate vulnerabilities at scale.

- Vulnerability management: Improving how vulnerabilities are discovered, disclosed, scored, and fixed across open source projects.

- Education and best practices: Publishing guidance, training, and maturity models such as the OpenSSF Best Practices Badge Program, which helps projects assess and improve their security posture.

- Metrics and research: Advancing data-driven approaches to understanding open source security risks and ecosystem health.

OpenSSF operates through working groups and special interest groups (SIGs) that focus on specific problem areas like securing builds, improving dependency management, or automating provenance generation. This structure allows practitioners to collaborate on concrete, actionable solutions rather than high-level policy alone.

By aligning maintainers, enterprises, and security teams, OpenSSF plays a central role in reducing large-scale risks such as dependency confusion, compromised build systems, and malicious package injection. Its work underpins many modern DevSecOps and cloud-native security practices and is increasingly referenced by governments and enterprises as a baseline for secure software development.