Episode 298 - David A Wheeler discusses the OpenSSF

Josh and Kurt talk to David A. Wheeler about everything OpenSSF. The Open Source Security Foundation is part of the Linux Foundation, and there are 6 OpenSSF working groups. David does a great job explaining how the OpenSSF works and what the 6 working groups are doing. The working group are (in no particular order): Identifying Security Threats, Security Tooling, Best Practices, Vulnerability Disclosures, Digital Identity Attestation, Securing Critical Projects.

• David A Wheeler
• Episode 14 – David A Wheeler: CII Badges
• Sigstore joins the OpenSSF
• OpenSSF Technical Working Groups
• NPM requires MFA
• LISH
• Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks