Posts from The Open Source Security Foundation (OpenSSF) is a members | The fastest way for busy developers to keep up with technologies 🚀

Updates from The Open Source Security Foundation (OpenSSF) is a...

Posts
Description

Link

@devopslinks shared a link, 3 months, 2 weeks ago

FAUN.dev()

WTF is ... - AI-Native SAST?

AI-native SAST is replacing the “LLM as magic scanner” myth. Instead, the smart play is combining language models with real static analysis. That’s how teams are catching the gnarlier stuff - like business logic bugs - that usually slip through. The trick?Use static analysis to grab clean, relevant .. read more

News FAUN.dev() Team

@varbear shared an update, 3 months, 2 weeks ago

FAUN.dev()

New MCP Release v0.10.0 Supercharges AI-Assisted Web Development

#AI codi... #Model C... #perform... #Debuggi... #Chrome ...

Chrome DevTools MCP v0.10.0 unlocks deeper AI-powered debugging with new tools for DOM access, network request detection, page reload automation, performance insights, and snapshot saving.

Google Launches Chrome DevTools MCP Server Preview for AI-Driven Web Debugging

Activity

@varbear added a new tool chrome-devtools-mcp , 3 months, 2 weeks ago.

News FAUN.dev() Team

@varbear shared an update, 3 months, 2 weeks ago

FAUN.dev()

AWS Lambda Gets Python 3.14: Faster, Smarter, and More Serverless-Friendly

#aws #Python ... #Lambda@... #AWS Lam...

Python 3.14 is now available in AWS Lambda, enabling developers to leverage new Python features for serverless applications.

AWS Lambda Gets Python 3.14: Faster, Smarter, and More Serverless-Friendly

News FAUN.dev() Team

@kaptain shared an update, 3 months, 2 weeks ago

FAUN.dev()

The Most Absurd (and Brilliant) Kubernetes Cluster at KubeCon 2025

#kubecon #PETAFLO... #LattePa... #nvidia #kuberne...

Engineer Justin Garrison showcased a backpack-sized PETAFLOP Kubernetes cluster at KubeCon 2025, demonstrating localized AI capabilities without cloud reliance.

The Most Absurd (and Brilliant) Kubernetes Cluster at KubeCon 2025

Activity

@kaptain added a new tool Talos Linux , 3 months, 2 weeks ago.

News FAUN.dev() Team

@kaptain shared an update, 3 months, 2 weeks ago

FAUN.dev()

Google Breaks Kubernetes Limits Again: Inside the 130,000-Node GKE Cluster

#GKE #Google ... #Google #AI #kuberne...

Google successfully operates a 130,000-node Kubernetes cluster to enhance GKE's scalability for AI workloads.

Control plane throughput: Sustaining up to 1,000 operations per second for both Pod creation and Pod binding during intense scheduling phases.

Activity

@kaptain added a new tool kueue , 3 months, 2 weeks ago.

News FAUN.dev() Team

@devopslinks shared an update, 3 months, 2 weeks ago

FAUN.dev()

Inside Cloudflare's Worst Outage Since 2019: How a Single Config File Broke the Internet

#Feature... #DDoS #Postmor... #cloudfl... #outage

A database permissions change led to a Cloudflare outage by creating an oversized feature file, causing network failures initially mistaken for a DDoS attack.

Inside Cloudflare's Worst Outage Since 2019: How a Single Config File Broke the Internet

News FAUN.dev() Team

@devopslinks shared an update, 3 months, 2 weeks ago

FAUN.dev()

Valkey 9.0 Released: Faster Clusters, New TTL Controls, and Big Networking Gains

#scalabi... #Valkey #Valkey ... #Redis #open so...

Valkey 9.0 debuts with atomic slot migrations, hash field expiration, and improved cluster mode support, enhancing data management and scalability.

Valkey 9.0 Released: Faster Clusters, New TTL Controls, and Big Networking Gains

The Open Source Security Foundation (OpenSSF) is an industry-backed foundation focused on strengthening the security of the global open source software ecosystem. It brings together major technology companies, cloud providers, open source communities, and security experts to address systemic security challenges that affect how software is built, distributed, and consumed.

OpenSSF was launched in 2021 and operates under the Linux Foundation, combining efforts from earlier initiatives such as the Core Infrastructure Initiative (CII) and industry-led supply chain security programs. Its mission is to make open source software more trustworthy, resilient, and secure by default, without placing unrealistic burdens on maintainers.

The foundation works across several key areas:

- Supply chain security: Developing frameworks, best practices, and tools to secure the software lifecycle from source to deployment. This includes stewardship of projects like sigstore and leadership on SLSA (Supply-chain Levels for Software Artifacts).

- Security tooling: Supporting and incubating open source tools that help developers detect, prevent, and remediate vulnerabilities at scale.

- Vulnerability management: Improving how vulnerabilities are discovered, disclosed, scored, and fixed across open source projects.

- Education and best practices: Publishing guidance, training, and maturity models such as the OpenSSF Best Practices Badge Program, which helps projects assess and improve their security posture.

- Metrics and research: Advancing data-driven approaches to understanding open source security risks and ecosystem health.

OpenSSF operates through working groups and special interest groups (SIGs) that focus on specific problem areas like securing builds, improving dependency management, or automating provenance generation. This structure allows practitioners to collaborate on concrete, actionable solutions rather than high-level policy alone.

By aligning maintainers, enterprises, and security teams, OpenSSF plays a central role in reducing large-scale risks such as dependency confusion, compromised build systems, and malicious package injection. Its work underpins many modern DevSecOps and cloud-native security practices and is increasingly referenced by governments and enterprises as a baseline for secure software development.

We believe organizations are best managed by their official representatives. Claim this page if you are the administrator of The Open Source Security Foundation (OpenSSF) is a.

Claim this page