15 years of experience in the IT industry

Amplify community communications to improve security for 30 million web sites

Boost core JavaScript technology Node.js security report by interviewing security releases team covering best practices and threat models.


Node.js is an open source project powering over 30 million web sites. But since it is an open source project, ultimately it has limited resources. The OpenSSF provided the OpenJS Foundation a grant of $400,000 to help improve Node.js security. However, to build the Node.js security community, the community needs to find out about the improvements and understand how they can get involved.


Once a month, we interview the security team, going through a list of triage issues, updates, problems with outside applications like OpenSSL, and more. This is used as a basis for blogs, social media, internal communications to members, and more.


Take security issues and make them widely known. Talk directly to the security team, translate it for wide us, and leverage the communications channels of the OpenJS Foundation to make sure that the Node.js community around the world is up-to-date.


OpenJS Foundation

Project Link



User Group Management

The Process

We built a direct communications channel out to the Node.js community by interviewing the security team, summarizing and contextualizing the information, and communicating it out widely.

The Result

The OpenJS Foundation will be getting a second grant from the OpenSSF foundation due to the results communicated out during the first grant period.

“ We needed to make sure the solid results coming from the OpenSSF grant were being communicated to the Node.js community. Oppkey has provided the means to get that information out quickly and broadly. ”

Robin Ginn, executive director, OpenJS Foundation

Partner With Oppkey To Build Your Company

Free assessment of your community to identify the easiest ways to connect your staff, partners, customer, and developers together.