New Case Study: Pioneering Software Supply Chain Security with Eclipse Temurin
Find out how the Eclipse Foundation and Adoptium Working Group are working to build the world's most secure OpenJDK distribution
supply chain security
FOSS Security Campus Trainings
FOSS Security Campus Trainings are in-depth training courses by distinguished experts on the topics of open source and security, to empower developers, dev ops engineers, managers and others in the field of software development to make their products more secure. The trainings being offered are: DevSecOps and Software factory included by Thomas Fricke (Freelancer), A Game of Cat and Mouse by Stefan Grönke (Radically Open Security) and Automated Security Testing by Peter Mosmans (Radically Open Security).
FOSS Security Campus
FOSS Security Campus, is a new event focusing on IT security in the FOSS and open source sector. The conference will take place for the first time on September 28-29th, 2023. Topics include Open Source Supply Chains, Security Processes, Vulnerability Disclosure, Bug Bounties, Security by Design, Risk Mitigation and much more. The conference will be kicked off with a keynote by Melanie Rieback on "How business models are conflicting with a cybersecure world" and on the second conference day a keynote will be held by Thijs Ebbers and Jan Vogel on Zero Privilege Architectures.
Alpha-Omega Project First Year In Review, Plus New Funding Pledge
With funding from the Alpha-Omega Project, the Eclipse Foundation ran Scorecards against all its projects, analyzed the results, and created a prioritized list of activities that they’ll focus on to achieve the best and broadest impact.
State of the Eclipse Foundation GitHub Repositories
Eclipse Foundation Head of Security Mikaël Barbero goes through Scorecard's overview of the current security posture of 254 Eclipse Foundation projects in his new blog post.
Eclipse Plunges into OSS Supply Chain Security
The Eclipse Foundation will be getting more hands-on in helping to secure the open source software supply chain after accepting a contribution from the Open Source Security Foundation (OpenSSF) this week.
Open Source Security at the Eclipse Foundation
With the help of funding from the Alpha-Omega Project, the Eclipse Foundation is rolling out new supply chain security measures.
Security Leadership at the Eclipse Foundation
With the increasing number of software supply chain attacks, we've defined a list of best practices that we encourage Eclipse Foundation committers and projects to follow.
OpenSSF Announces 15 New Members To Further Strengthen Open Source Software Supply Chain Security
The Eclipse Foundation recently joined OpenSSF as an Associate Member. OpenSSF is a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives.