Learn About OpenSSF In The Current Landscape From Brian Behlendorf, General Manager Open Source Security Foundation
OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.
Learn About SPDX In The Current Landscape From Kate Stewart, VP, Dependable Embedded Systems At The Linux Foundation
SPDX is an open standard for communicating software bill of material information, including provenance, license, security, and other related information.
And Learn More About Industry Responses To Log4J With A Practical Case Study About How Things Unfolded “On The Ground”
You can expect to come away with a clear understanding of market conditions, how the Linux Foundation is addressing them, and where OpenChain fits into the picture. The goal – as always – is to ensure you have the information necessary to make informed, effective decisions around the open source supply chain.
We seek to build trust in the quality of programs used by you, your customers and your suppliers. We are proud to have taken significant strides in our field throughout 2021. We expect to push the boundaries of what is possible once again in 2022. You can learn more about what we are doing around security – including our reference assurance guide – here:
We are turning this into a Reference Security Specification via our bi-weekly global work team calls. You can view the current draft on GitHub and open issues here: