Skip to content

Open Source Security Foundation (OpenSSF)

OpenSSF is a community of software developers and security engineers who are working together to secure open source software for the greater public good.


OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

OpenSSF is part of the nonprofit Linux Foundation.

For any questions, concerns, reports, etc., please email


Most communications happen in the following locations:


We encourage all individual contributors to work with their employers to become members. We aim to grow an active, healthy community of contributors, reviewers, and code owners. Learn more about the requirements and responsibilities of membership in our Membership page or see current members.


  1. wg-best-practices-os-developers wg-best-practices-os-developers Public

    The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

    JavaScript 660 100

  2. ai-ml-security ai-ml-security Public

    Potential WG on Artificial Intelligence and Machine Learning (AI/ML)

    31 4

  3. wg-securing-critical-projects wg-securing-critical-projects Public

    Helping allocate resources to secure the critical open source projects we all depend on.

    315 33

  4. wg-securing-software-repos wg-securing-software-repos Public

    OpenSSF Working Group on Securing Software Repositories

    80 14

  5. tac tac Public

    Technical Advisory Council

    103 44

  6. foundation foundation Public

    OpenSSF Governance and Legal Docs

    68 19


Showing 10 of 61 repositories