Keynote: Improving Security Data With ORBIT

Honk, the OpenSSF goose, riding a rocket ship labeled "O.R.B.I.T."

At OpenSSF Community Day Europe, Eddie Knight and I delivered a keynote about the ORBIT Working Group.

Abstract: One of the big challenges in software security is identifying and communicating security-relevant information. Where is a project’s support lifecycle documented? Who are the security contacts? Does the development follow good security practices? OpenSSF’s new ORBIT Working Group provides a home for projects that develop and maintain interoperable resources for the identification and presentation of this type of security-relevant data. ORBIT currently houses three projects: the Open Source Project Security Baseline, Security Insights, and Open Source Project Security Assessments. Together, this working group helps open source maintainers easily define security metadata and share it downstream in meaningful ways.

Date: 28 August 2025

Location: Amsterdam, NL

This post’s featured image by the OpenSSF used under the Apache-2.0 license.

Ben is the Open Source Community Lead at Kusari. He formerly led open source messaging at Docker and was the Fedora Program Manager for five years. Ben is the author of Program Management for Open Source Projects. Ben is an Open Organization Ambassador and frequent conference speaker. His personal website is Funnel Fiasco.
