Open Federation is a community-driven open source initiative to create and maintain a specification for federated GraphQL APIs. Be part of the future; let's craft together.
The penetration testing execution standard consists of seven (7) main sections.
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers comes into play and combines with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it.
Evolving the Prometheus exposition format into a standard.
OpenMetrics is a specification built upon and carefully extending the Prometheus exposition format in almost 100% backwards-compatible ways.
Making the Network Visible.
sFlow® is an industry standard technology for monitoring high speed switched networks. It gives complete visibility into the use of networks enabling performance optimization, accounting/billing for usage, and defense against security threats.
Hydra simplifies the development of interoperable, hypermedia-driven Web APIs
JSON for Linking Data.
Data is messy and disconnected. JSON-LD organizes and connects it, creating a better Web.
Filter your HTML the standards-compliant way!
HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and aggressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant.
HTML Purifier is oriented towards richly formatted documents from untrusted sources that require CSS and a full tag-set. This library can be configured to accept a more restrictive set of tags, but it won't be as efficient as more bare-bones parsers. It will, however, do the job right, which may be more important.
We are uncovering better ways of developing software by doing it and helping others do it.
What is humans.txt?
It's an initiative for knowing the people behind a website. It's a TXT file that contains information about the different people who have contributed to building the website.
Supply-chain Levels for Software Artifacts, or SLSA ("salsa").
It’s a security framework, a checklist of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure. It’s how you get from "safe enough" to being as resilient as possible, at any link in the chain.
An open specification for enriching containers with development specific content and settings.
A Development Container (or Dev Container for short) allows you to use a container as a full-featured development environment. It can be used to run an application, to separate tools, libraries, or runtimes needed for working with a codebase, and to aid in continuous integration and testing. Dev containers can be run locally or remotely, in a private or public cloud.
A novice wanted to learn the Tao of Backup. The master said: To become enlightened, you must master the seven heads of Backup. He who knows the heads will keep all his data forever.
Reproducible builds are a set of software development practices that create an independently-verifiable path from source to binary code.
OpenBMC is a Linux distribution for management controllers used in devices such as servers, top of rack switches or RAID appliances. It uses Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your platform.
Thread is a low-power and low-latency wireless mesh networking protocol built using open and proven standards. Thread solves the complexities of the IoT, addressing challenges such as interoperability, range, security, energy, and reliability. Thread networks have no single point of failure and include the ability to self-heal.
The open source initiative to create a JSON-based standard for resumes. For developers, by developers.
International Open Standard (ISO/IEC 5962:2021).
SPDX is an open standard for communicating software bill of material information, including provenance, license, security, and other related information. SPDX reduces redundant work by providing common formats for organizations and communities to share important data, thereby streamlining and improving compliance, security, and dependability. The SPDX specification is recognized as the international open standard for security, license compliance, and other software supply chain artifacts as ISO/IEC 5962:2021.
Content Security Policy Reference.
The new Content-Security-Policy HTTP response header helps you reduce XSS risks on modern browsers by declaring which dynamic resources are allowed to load.