Test Kiteworks Open Source Program Office
Kiteworks is consolidating all of its open-source activities under the Open Source Program Office, operating under the ownCloud brand. That single decision reflects something larger: the acquisition of ownCloud was an investment not just in software, but in the idea that the future of collaboration should be built on federation, sovereignty, and openness.
Enabling Cross-Organizational Collaboration Without Lock-In
Collaboration should not stop at the organizational boundary, and it should not require both sides to adopt the same proprietary vendor. Our commitment to open standards is what makes cross-organizational workflows possible: Open Cloud Mesh for federated sharing between independent deployments, ScienceMesh for European research network integration, Webfinger for multi-instance identity. Each organization maintains sovereign control of its own data while collaborating across boundaries. That is interoperability with integrity and the opposite of the vendor ecosystems that make your collaboration portfolio a liability.
Driving Sustainable Innovation for the Greater Good
The best infrastructure software of the past two decades: Linux, Kubernetes, PostgreSQL, Apache was built in the open because no single vendor could have produced it alone. ownCloud belongs to that tradition, and Kiteworks intends to sustain it. We fund the roadmap, contribute upstream to the open source components we depend on, and invest in the community infrastructure that turns a codebase into a living commons. Open source is a force for good a way to empower communities, strengthen institutions, and ensure that innovation is accessible to all. The OSPO is how we honor that commitment organizationally.
A Formal Security Disclosure Program
The OSPO operates a formal Vulnerability Disclosure Program at security.owncloud.com. An active bug bounty on YesWeHack rewards researchers in defined tiers.
Supply chain vulnerabilities are monitored through automated dependency scanning and a formal Software Bill of Materials process, with coordinated upstream disclosure.
For issues outside the bug bounty scope, contact security@owncloud.com.
Championing Digital Sovereignty by Design
Sovereignty cannot be achieved through contractual agreements with a SaaS provider. It requires architectural control: the ability to deploy on chosen infrastructure, audit every line of code, enforce policy through programmable rules, and operate independently of any vendor’s roadmap, pricing, or corporate actions. The OSPO exists to protect that architectural guarantee. Full source code and Software Bill of Materials are transparent. Deployment happens on infrastructure the organization controls. Open standards such as— WebDAV, OIDC, Open Cloud Mesh, LibreGraph prevent the vendor lock-in that turns every acquisition and pricing change into a business risk.
