Join us

ContentUpdates from The Open Source Security Foundation (OpenSSF) is a...
News FAUN.dev() Team
devopslinks
@devopslinks shared an update, 4 months, 3 weeks ago
FAUN.dev()

GitLab 18.5 Debuts: Boosted Usability and AI-Powered Features

#AI inte...  #vulnera...  #GitLab ...  #gitlab  #AI 
GitLab GitLab CI/CD

GitLab 18.5 introduces a new panel-based UI and AI-driven tools to enhance usability, streamline workflows, and improve security with features like automated vulnerability triage and Static Reachability Analysis.

GitLab 18.5 Debuts: Boosted Usability and AI-Powered Features
1k views  
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
 Activity
brooksamybrook
@brooksamybrook gave 🐾 to Top 9 APM Tools for Node.js Performance Monitoring , 4 months, 3 weeks ago.
Story
laura_garcia
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID

NEW RELEASE: RELIANOID 8.4 Enterprise Edition is here!

- We’re excited to announce the launch of RELIANOID 8.4, bringing greater performance, security, and automation to your Application Delivery Infrastructure. - What’s new in 8.4: - High-Performance Proxy – Now with HTTP/2 support and Hot Restart for seamless, zero-downtime updates. - Multi-Factor Aut..

RELIANOID Enterprise Edition 8.4.0
641 views  
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
anjali
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9

OpenTelemetry Spans Explained: Deconstructing Distributed Tracing

Understand how OpenTelemetry Spans capture, connect, and explain every operation in your distributed system for deeper visibility.

otel
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Story
laura_garcia
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID

🔁 In case you missed it:Incident Response in 2025: Lessons Learned

🔁 In case you missed it: Our August blog post — “Incident Response in 2025: Lessons Learned” — looks back at a summer marked by major cyber incidents, from supply chain disruptions to large-scale data breaches. Discover how AI-driven detection, faster response strategies, and new resilience tools ar..

562 views  
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
anjali
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9

Top 9 APM Tools for Node.js Performance Monitoring

Compare top APM tools for Node.js — from open-source options to enterprise-grade platforms — and choose the best fit for your stack.

php_apm
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
anjali
@anjali shared a link, 4 months, 3 weeks ago
Customer Marketing Manager, Last9

Top 11 Ruby APM Tools for 2025: A Performance-Driven Selection

Explore the top Ruby APM tools for 2025 — from open-source to enterprise — to monitor, trace, and optimize your app’s performance.

nodejs_apm
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Story
laura_garcia
@laura_garcia shared a post, 4 months, 3 weeks ago
Software Developer, RELIANOID

🔐 Defense-in-depth is no longer a theory—it's a necessity in industrial networks.

In our latest article, we explore how industrial sectors are implementing network segmentation and microsegmentation to protect critical systems. From vertical and horizontal segmentation models to modern OT firewalls and IoT gateways, we break down the architectures and tools driving zero-trust in ..

584 views  
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
The Open Source Security Foundation (OpenSSF) is an industry-backed foundation focused on strengthening the security of the global open source software ecosystem. It brings together major technology companies, cloud providers, open source communities, and security experts to address systemic security challenges that affect how software is built, distributed, and consumed.

OpenSSF was launched in 2021 and operates under the Linux Foundation, combining efforts from earlier initiatives such as the Core Infrastructure Initiative (CII) and industry-led supply chain security programs. Its mission is to make open source software more trustworthy, resilient, and secure by default, without placing unrealistic burdens on maintainers.

The foundation works across several key areas:

- Supply chain security: Developing frameworks, best practices, and tools to secure the software lifecycle from source to deployment. This includes stewardship of projects like sigstore and leadership on SLSA (Supply-chain Levels for Software Artifacts).

- Security tooling: Supporting and incubating open source tools that help developers detect, prevent, and remediate vulnerabilities at scale.

- Vulnerability management: Improving how vulnerabilities are discovered, disclosed, scored, and fixed across open source projects.

- Education and best practices: Publishing guidance, training, and maturity models such as the OpenSSF Best Practices Badge Program, which helps projects assess and improve their security posture.

- Metrics and research: Advancing data-driven approaches to understanding open source security risks and ecosystem health.

OpenSSF operates through working groups and special interest groups (SIGs) that focus on specific problem areas like securing builds, improving dependency management, or automating provenance generation. This structure allows practitioners to collaborate on concrete, actionable solutions rather than high-level policy alone.

By aligning maintainers, enterprises, and security teams, OpenSSF plays a central role in reducing large-scale risks such as dependency confusion, compromised build systems, and malicious package injection. Its work underpins many modern DevSecOps and cloud-native security practices and is increasingly referenced by governments and enterprises as a baseline for secure software development.