Open Source Security Foundation (OpenSSF) (ossf)

OpenSSF is a community of software developers and security engineers who are working together to secure open source software for the greater public good.

Location: San Francisco, CA

Home Page: https://openssf.org

Twitter: @openssf

Open Source Security Foundation (OpenSSF)'s repositories

scorecard

OpenSSF Scorecard - Security health metrics for Open Source

Language: Go | License: Apache-2.0 | Stargazers: 4371 | Issues: 67 | Issues: 1116

criticality_score

Gives criticality score for an open source project

Language: Go | License: Apache-2.0 | Stargazers: 1310 | Issues: 34 | Issues: 88

allstar

GitHub App to set and enforce security policies

Language: Go | License: Apache-2.0 | Stargazers: 1238 | Issues: 31 | Issues: 163

package-analysis

Open Source Package Analysis

Language: Go | License: Apache-2.0 | Stargazers: 720 | Issues: 20 | Issues: 185

wg-best-practices-os-developers

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Language: JavaScript | License: Apache-2.0 | Stargazers: 710 | Issues: 56 | Issues: 135

fuzz-introspector

Fuzz Introspector -- introspect, extend and optimise fuzzers

Language: Python | License: Apache-2.0 | Stargazers: 364 | Issues: 20 | Issues: 230

wg-securing-critical-projects

Helping allocate resources to secure the critical open source projects we all depend on.

scorecard-action

Official GitHub Action for OpenSSF Scorecard.

Language: Go | License: Apache-2.0 | Stargazers: 247 | Issues: 18 | Issues: 846

malicious-packages

A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

Language: Go | License: Apache-2.0 | Stargazers: 229 | Issues: 17 | Issues: 19

wg-vulnerability-disclosures

The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.

s2c2f

The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group, formed to further develop and continuously improve the S2C2F guide, which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer's workflow.

osv-schema

Open Source Vulnerability schema.

Language: Python | License: Apache-2.0 | Stargazers: 175 | Issues: 29 | Issues: 84

secure-sw-dev-fundamentals

Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)

Language: CSS | License: CC-BY-4.0 | Stargazers: 173 | Issues: 27 | Issues: 42

tac

Technical Advisory Council

wg-securing-software-repos

OpenSSF Working Group on Securing Software Repositories

alpha-omega

Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.

Language: Open Policy Agent | License: Apache-2.0 | Stargazers: 79 | Issues: 15 | Issues: 67

package-feeds

Feed parsing for language package manager updates

Language: Go | License: Apache-2.0 | Stargazers: 71 | Issues: 14 | Issues: 58

sbom-everywhere

Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption

Language: Vue | License: Apache-2.0 | Stargazers: 68 | Issues: 30 | Issues: 28

security-insights-spec

OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via GitHub Issues.

ai-ml-security

Potential WG on Artificial Intelligence and Machine Learning (AI/ML)

scorecard-monitor

Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts

Language: JavaScript | License: Apache-2.0 | Stargazers: 30 | Issues: 5 | Issues: 24

scorecard-webapp

Website and API for OpenSSF Scorecard

Language: HTML | License: Apache-2.0 | Stargazers: 21 | Issues: 16 | Issues: 48

scorecard-visualizer

Tool for visualizing the OpenSSF Scorecard API data in a human-friendly way

Language: TypeScript | License: Apache-2.0 | Stargazers: 11 | Issues: 3 | Issues: 8

disclosure-check

disclosure-check

Language: Python | License: Apache-2.0 | Stargazers: 3 | Issues: 15 | Issues: 5

License: Apache-2.0 | Stargazers: 0 | Issues: 5 | Issues: 17

staff

Repository to keep track of staff operations

Language: Shell | License: Apache-2.0 | Stargazers: 0 | Issues: 11 | Issues: 2