OpenSSF built a solid reputation within the technical community as a trusted resource for best practices and guidance in open source security principles. They came to Look Left Marketing in 2024 to build on this legacy and get the attention of publications with strong authority and large audiences. Within nine months, Look Left helped OpenSSF become a go-to resource for reporters at the Washington Post, Reuters, Politico and more.
Strategy
Look Left set out to establish OpenSSF as a resource for expertise, not just on technical topics, but also on public policy and global trends such as AI. We did this by increasing visibility for the OpenSSF brand as well as OpenSSF projects, programs, members and collaborations.
The result? OpenSSF is the name on every reporter’s tongue. The brand has received more organic mentions of organization projects, research and content than ever before and is getting attention from tier one outlets.
Results
- More than doubled the amount of coverage YoY (>130% increase)
- More than tripled the amount of OpenSSF project coverage YoY (252% increase)
- 12 media placements in publications with a potential audience of >20 million
- 14 podcast features and news mentions
- One-third of original coverage was in tier 1 publications
- 46% of coverage with backlinks
Media Highlights
Here’s a sample of the outstanding coverage Look Left secured for OpenSSF in a single year. With each placement, the Look Left team elevates OpenSSF’s mission to advance open source security and extend its impact across industries and around the world.
- Washington Post
  - Hackers race to win millions in contest to thwart cyberattacks with AI
    - OpenSSF founder Brian Behlendorf discussed the importance of open source security as part of a larger story about the DARPA AI Cyber Challenge.
- NPR
  - The Hack that Almost Broke the Internet
    - Former OpenSSF GM Omkhar Arasaratnam spoke with NPR about the XZ Utils backdoor vulnerability, saying: “I guess this is one of the failure modes of how society has consumed open-source. The overhead of having to deal with this stuff can become overwhelming.”
- Politico
  - Hacking The Gender Gap
    - Politico covered the National Security Council’s partnership with OpenSSF and Linux Foundation, which is providing 250 free cybersecurity courses and certifications to Jordanian women. Anne Neuberger, deputy national security adviser for cyber and emerging technology, said, “This will equip women in Jordan with crucial skills and contribute to national security.”
- Reuters
  - Open source groups say more software projects may have been targeted for sabotage
    - OpenSSF and OpenJS issued a statement showing the attempt to insert a secret backdoor into XZ Utils was not an isolated incident and that there were multiple JavaScript projects that were also being targeted.
- Fortune
  - After a failed Linux backdoor attempt grabs headlines, open-source leaders warn of more attacks
    - OpenSSF and OpenJS were quoted regarding XZ Utils and subsequent attacks: “These social engineering attacks are exploiting the sense of duty that maintainers have with their project and community in order to manipulate them. Pay attention to how interactions make you feel. Interactions that create self-doubt, feelings of inadequacy, of not doing enough for the project, etc. might be part of a social engineering attack.”
- Gizmodo
  - Open-Source Cybersecurity Is a Ticking Time Bomb
    - In an extensive piece about open source software, former OpenSSF GM Omkhar was quoted, sharing that while there are no silver bullets, he can’t help but be hopeful (about the future of open source security) because of what’s at stake. “If we get this right, we help 8 billion people,” he says.
- Dark Reading
  - Under-Resourced Maintainers Pose Risk to Africa’s Open Source Push
    - OpenSSF shares the important lessons learned from the attack on the XZ Utils project with Dark Reading.
- The Register
  - How did a CrowdStrike file crash millions of Windows computers? We take a closer look at the code
    - Omkhar Arasaratnam, general manager of OpenSSF, explained how the CrowdStrike failure happened and the best practices that could have prevented it in this deep dive with The Register.