Home

Awesome

OSSF Security Tooling

Anyone is welcome to join our open discussions related to the group's mission and charter.

Motivation

Most developers are not security experts and even the most seasoned developers, security experts or not, make mistakes. Tools can be used to help weed out security defects allowing developers to focus on the features they want to develop.

Objective

Our mission is to Identify, Evaluate, Improve, Develop & Ease Deployment of universally-accessible, developer focused tooling to help the open source community secure their code. This space allows members to collaborate together on these goals.

Vision

Our vision is to improve the perception of security in open source software.

Governance

The CHARTER.md outlines the scope and governance of our group activities.

This group is chaired by Ryan Ware.

Get Involved

Meeting Times

Zoom every other Friday at 16:00 GMT from Nov 17.

The meeting invite is available on the public OSSF calendar.

Meeting Notes

Meeting notes are maintained in a Google Doc. If attending please add your name, and if a returning attendee, please change the color of your name from gray to black.

Antitrust Policy Notice

Special Interest Groups (SIGs) and Projects

SBOM Everywhere SIG

OSS Fuzzing SIG


Past SIGs

Guide to Security Tools SIG

False Positive Suppression Specification SIG

CVE Benchmark SIG

OSS Fuzzing


Antitrust policy

Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.

Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.