Reflection by Communications, Operations, and Community Manager Helen Woeste Amir, Derek, and I joined a few thousand open source community members in Amsterdam for the Open Source Summit EU and attached OpenSSF Community Day. While Derek and Amir are no strangers to conferences, this was only my second OS Summit…
Over the duration of multiple programs with funders, we’ve heard firsthand their needs. Executives know they have the budget and desire to fund security, but need help with how to start generating outcomes. To create and sustain open source security programs requires dedicated administration work, experience with the open source…
The open source community has been abuzz for the past two years about European governance in open source software. From casual meetups to professional conferences, the implication of government funding and regulation of the free-use software sector has resulted in heavily debated discourse around the legal, financial, societal, and functional…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of OpenEXR, a project at the Academy Software Foundation. OpenEXR is an open source specification and reference implementation of the EXR file format, which “accurately and efficiently represents high-dynamic-range scene-linear image data,” (https://openexr.com/en/latest/). With…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of MaterialX. MaterialX is an open source project hosted at the Academy Software Foundation for “representing rich material and look-development content in computer graphics, enabling its platform-independent description and exchange across applications and renderers,”…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of PowSyBl. PowSyBl is an open source library for energy grid modeling, visualization, and simulation. With the help of Ada Logics and Linux Foundation Energy, this project manages electrical grids and provides users with…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of conda-forge. conda-forge is a community-driven open source repository of conda package manager recipes. With the help of 7ASecurity and the Sovereign Tech Agency, this project has invested in its longevity and security health…
If you can’t throw yourself a party, what’s the point? That was our train of thought when brainstorming earlier this year about how we wanted to celebrate our 10 year anniversary. Thriving as a non-profit startup in an incredibly competitive and difficult sector to break into, much less be successful…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Volcano. Volcano is an open source cloud native batch scheduling system offering among other things queue management and multi-cluster scheduling. With the help of Ada Logics and the Cloud Native Computing Foundation (CNCF),…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Ruby on Rails. Ruby on Rails (or “Rails”) is an open source full stack web-application framework. Thanks to the help of X41 D-Sec, GitLab, and the Sovereign Tech Agency, Rails can provide more…