Security Training on Vulnerability Management and SBOMs from November 2025 - Videos are Online!
In early November 2025, the Eclipse Foundation Security Team delivered the second part of our security training for developers for...
Understanding Open Source Stewards and the Cyber Resilience Act
The “ Open Source Stewards and the Cyber Resilience Act ” white paper explores a new role introduced by the...
The Eclipse Foundation announces a new edition of its security training
Do you want to know more about vulnerability management? As a developer, you might receive reports, or need to create...
Security Training on Vulnerability Management and SBOMs - Videos are Online!
In early June 2025, the Eclipse Foundation Security Team delivered the second part of our security training for developers. The...
Announcing Security Training on Vulnerability Management, SBOM and related subjects
Do you want to know more about vulnerability management? As a developer, you might receive reports, or need to create...
The Eclipse Foundation offers a free security training for all Committers and Contributors
You know that security is important but just have no time to spend digging into numerous tutorials and guides to...
Per-Project Security Teams FAQ
In response to requests from various projects and after discussions between the Eclipse Foundation Security Team and the Architecture Council...
DO NOT USE IN PRODUCTION
Do you have a demo or examples in a specific repository? Or perhaps you have a functionality that needs time...
Reviewing the CVE process and the CNA rules 4.0
As you probably know, the Eclipse Foundation is a CNA (CVE Numbering Authority), responsible for assigning vulnerability identification numbers, known...
Using GitHub Private Vulnerability Reporting by Eclipse Foundation Projects
Eclipse Foundation projects can request to use GitHub Private Vulnerability Reporting . This feature allows committers of projects hosted on...
Update to vulnerability description - CVSS 4.0
A vulnerability description includes several fields, like the title and description. However, one is causing difficulties for people writing CVE...
Eclipse CycloneDDS Security Audit Has Been Completed
Today, the Eclipse Foundation released the results of our security audit for Eclipse CycloneDDS . Findings from the audit have...