
Foundation welcomes Target Corporation and Thread AI as new general members, OSTIF as an upgraded general member; celebrates winners of Golden Egg Award
ATLANTA, Nov. 10, 2025 /PRNewswire/ -- Open Source SecurityCon -- The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation that focuses on sustainably securing open source software (OSS), announces two new members and a membership upgrade while onsite at Open Source SecurityCon during KubeCon North America. These updates mark notable momentum for OpenSSF in its goal to sustainably secure the development, maintenance, release, and consumption of OSS, which underpins nearly 96% of modern codebases.
Membership Updates
OpenSSF is excited to announce that the Target Corporation is joining the foundation as a general member. Target and its technology teams have continually worked to secure the retail technology landscape with more resilient tools and best practices. By joining the OpenSSF, Target Corporation deepens their support for OSS and the role it plays in the future security of technology and retail.
"Modern businesses run on open source software, driving trillions in estimated global value." said Brian Muenzenmeyer, Principal Engineer, Enablement, Open Source Program Office at the Target Corporation. "OpenSSF is a role model for collaboration on open source software, standards, and data. By joining OpenSSF, Target reaffirms its support for the critical infrastructure, governance models, and neutral collaboration space the foundation provides."
OpenSSF also welcomes Thread AI, a leader in composable AI infrastructure as a general member. Thread AI joins the foundation at a critical time for the security of agentic workflows and non-human identity protocols. With this new membership, Thread AI will add its influence to security baselines for AI projects, driving resiliency for AI/ML security strategies.
"Open source security has been essential to our foundation," said Mayada Gonimah, co-founder and CTO of Thread AI. "We are extremely excited about our partnership to help drive the next frontier of secure agentic workflows."
The Open Source Technology Improvement Fund, Inc. (OSTIF) has also upgraded its associate membership to general membership, allowing the fund to gain additional visibility in the ecosystem. OSTIF has helped over 150 projects improve their security, the result of tens of thousands of hours resolving security vulnerabilities. As a general member of OpenSSF, OSTIF will continue these efforts, funding and promoting work pivotal to digital security.
"OSTIF joined OpenSSF shortly after the Foundation was formed, largely due to our close strategic relationship and working partnership with the Linux Foundation, Cloud Native Computing Foundation (CNCF), LF Energy, and the Academy Software Foundation," said Amir Montazery, Managing Director of OSTIF. "OSTIF upgraded to general membership to demonstrate a commitment to the continued collaborations between our organizations, and be able to provide more direct value to the OpenSSF and its members."
Golden Egg Award Recipients
The OpenSSF community is full of leaders that continually do their part to secure open source projects. The Golden Egg Awards are an opportunity to spotlight these individuals for their hard work and dedication to community engagement, engineering, innovation, and thoughtful leadership. This quarter, we share our gratitude by recognizing the following winners:
- Sarah Evans (Dell Technologies) for leadership in the AI/ML Security Working Group and contributions that strengthen secure AI
- Justin Cappos (NYU) for ongoing advancements in security tooling including leadership roles in SBOMit, gittuf, and building stronger relationships with academic institutions
- Patrick Zielinski (NYU) for his work on securing software development practices with gittuf
- Evan Anderson for driving adoption of secure-by-default supply chain practices through open source tooling such as Minder and for his contributions supporting the Open Source Project Security Baseline and ORBIT WG
- Brandt Keller (Defense Unicorns) for community building and developer relations with Zarf and other secure deployment initiatives
Achievements and Milestones
Over the past quarter, OpenSSF continued to advance its mission to sustainably secure open source software by delivering new learning resources, expanding global community engagement, and strengthening security tools used across the software supply chain.
Key achievements include:
- New guidance for AI Code Assistant instructions, providing developers with actionable advice to reduce insecure code generation and improve automated security support
- A new free course, Secure AI and ML Driven Software Development (LFEL1012), which helps developers tackle real-world risks from AI code assistants and AI-driven pipelines
- A full security audit of OpenSSF Scorecard through OSTIF and ADA Logics, covering five key repositories (scorecard, scorecard-webapp, scorecard-action, scorecard-monitor, and Allstar), with improvements now deployed across them
- The release of Model Signing version 1.1.0, which includes expanded signing algorithms, API enhancements, and configuration options that help strengthen the security of AI supply chains
- Expanded SBOM resources, including a whitepaper on Improving Risk Management Decisions with SBOM Data
- Signed commitment for more sustainable open infrastructure through a collaborative open letter with ten other OpenSSF member organizations
- A successful first Open Source Community Day Korea
Events and Gatherings
OpenSSF recently completed a high-impact week of European policy and security engagement across Belgium, including participation at the Linux Foundation Europe Member Summit, sponsorship of the CRA in Practice Track at the LF Europe Roadshow, and co-hosting the European Open Source Security Forum with CEPS. These engagements strengthen OpenSSF's collaboration with policymakers and European open source communities.
At Open Source in Finance Forum (OSFF) NYC, OpenSSF shared how finance can secure open source software across AI adoption, OSPS Baseline driven risk reviews, and vulnerability intelligence.
New and existing OpenSSF members are gathering this week in Atlanta at Open Source SecurityCon, co-located with KubeCon North America. This event gathers a diverse community of open source professionals together to address challenges and opportunities in modern security.
Additional Resources
- View the complete list of OpenSSF members
- Contribute efforts to one or more of the active OpenSSF working groups and projects
- Sign up for the OpenSSF newsletter to receive updates on upcoming events, resources, and community news
About the OpenSSF
The Open Source Security Foundation (OpenSSF) is a cross-industry organization at the Linux Foundation that brings together the industry's most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all. For more information, please visit us at openssf.org.
Media Contact
Grace Lucier
The Linux Foundation
[email protected]
SOURCE OpenSSF