How ROOST is Advancing Online Safety

Nearly 100 million people use Discord every day. Protecting a community that size means evaluating hundreds of millions of actions—logins, messages, account changes—to catch threats before they cause harm. Behind that protection is Osprey, a rules engine technology developed by Discord and donated to ROOST to help flag suspicious logins, catch harmful content, and stop bot attacks before they spread. 

ROOST was founded to make safety tools open, shared, and auditable across platforms. A year ago, Discord helped launch this bold technology nonprofit with a clear vision: the best online safety tools shouldn’t be corporate secrets, smaller platforms shouldn’t have to reinvent what larger platforms like Discord have already built. The current moment demands that we radically accelerate the pace of innovation on safety technologies. As ROOST Board Chair, I’ve seen that vision become reality —and open-sourcing Osprey is just one of many proof points from ROOST’s first year.

Why This Matters Now

The threat landscape online has shifted dramatically. Bad actors are leveraging generative AI to create sophisticated phishing campaigns, persuasive deepfake material, and coordinated harm at unprecedented scale and speed. Traditional approaches to trust and safety need to evolve to meet technological advances.

And yet, despite virtually every online platform facing these same challenges, many are still left to reinvent safety tools from scratch, with varying degrees of success. That’s the gap ROOST was built to close, and it’s why open-sourcing battle-tested tools like Osprey matters so much.

What Osprey Does

Osprey is a high-performing rules engine for real-time event processing and behavioral analysis. It can ingest any platform event, such as login attempts, content posts, account creations, or custom actions unique to their service, and run them through rules that detect and respond to emerging threats in real time, not weeks. Safety and security teams can write expressive rules in a simple language, deploy new rules without any engineering dependencies, and get immediate, transparent decisions on whether something is safe, suspicious, or malicious.

At Discord, Osprey evaluates thousands of rules across hundreds of action types in real time. It powers our investigation platform, where teams can spot anomalies and feed insights directly back into new protections: detection informs rules, rules inform enforcement, and enforcement generates new signals. 

Preparing Osprey for release required months of engineering work to decouple it from our internal systems. What we’ve released through ROOST isn’t a stripped-down version. It started as our production engine, was further advanced by the ROOST community, and the latest version has since been reintegrated back into Discord’s stack. The tool we run in production at Discord is the same one anyone can deploy inside their company today.

Building on Proven Models & A Legacy of Collaboration

Our industry has demonstrated that collaboration on safety initiatives pays off. Back in 2009, companies advanced the collective fight against child exploitation by making foundational image-hashing systems available for free. The Tech Coalition’s Lantern program also facilitates cross-platform signal sharing for child safety. 

The Global Internet Forum to Counter Terrorism enables real-time, cross-platform incident response to acts of mass violence. And through the new ISO standard authored by the Digital Trust & Safety Partnership, the industry has begun codifying shared best practices into a recognized global standard that any organization can adopt. Each of these cross-industry initiatives addresses a specific dimension of online safety—and each remains essential.

ROOST builds on this legacy, but operates similarly to the Linux Foundation, Apache Foundation, or the Python Foundation. They are not just committed stewards of open source tools, but a builder, too. This is a vital evolution. By developing and maintaining a full suite of robust, free, and open source tools that any organization can adopt and contribute to, ROOST sits at the center of an emerging community of public-interest-oriented developers and builders.

This approach is important because no single tool or initiative can solve online safety alone. Open source tools serve a particular role here: they raise the floor and accelerate the pace of innovation. When smaller platforms can access baseline protections, they’re less likely to become breeding grounds for threats that harm their users and later manifest on larger services. When large platforms join forces, in public, to improve safety defense, everyone benefits. Every platform that adopts ROOST tooling, such as Osprey and Coop, a comprehensive review tool, helps strengthen its safety foundations and makes the broader internet more secure.

Results & Impact

ROOST is engaging a broad ecosystem of vendors offering solutions based on ROOST tools. Just like the Linux operating system gave birth to valuable companies like Red Hat, we expect that businesses will offer services to help platforms successfully deploy and manage free ROOST tools. Earlier this year, for example, Musubi announced that they would provide customers with a managed offering based on Coop, and Zentropi has integrated their labeler engine with Coop. 

Last month, ROOST introduced the v1 release of Osprey at FOSDEM, one of the world's largest gatherings of open source developers. This sparked collaborative discussions between engineers from multiple organizations and protocols, bringing them together to better understand and combat the harms that can occur on online platforms — conversations that continue as organizations adopt Osprey and other ROOST projects as part of the safety tooling for their own platforms.

What’s struck me most is the impressive pace of product development and the breadth of adoption. Platforms including Bluesky are already using these tools — a strong signal of ROOST’s potential to drive real, industry-wide value. (Take a look at Bluesky’s case study on how Osprey transformed their safety operations.) More than 360 million users across multiple platforms are now part of an ecosystem where open source safety tooling is actively at work on their behalf.

The work continues in the open, as well. Every two weeks, Osprey contributors and adopters from across the ecosystem join ROOST’s public working group meetings to discuss, plan, and help shape the future of Osprey. Together, they inform the public ROOST roadmap and the trajectory of open online safety tools as a whole.

Discord’s donation of Osprey reflects a core conviction: the best safety innovations happen when we build in the open and make our work available for others to evaluate, use, and even improve. The ROOST developer community creates a mutually reinforcing cycle. As they make Osprey better, we adopt what's relevant to Discord, and as we improve things, we share them back. It's reciprocal — and most importantly, users of every product built on ROOST tools are better for it.

The Path Forward

The reality is that every online platform is grappling with the same evolving threats. But the issue of online safety goes beyond any one platform. It’s a collective responsibility. That’s part of why we believe in building in the open: when more teams can evaluate, stress-test, and improve the same tools, the whole ecosystem gets stronger. 

Open-sourcing Osprey means more eyes on the code and more real-world feedback loops than any single company can generate. As we look ahead, we have successful models of partnership to build on, a growing ecosystem of shared tools, and — one year into the journey at ROOST — clear evidence that open source safety infrastructure has real demand and real impact.

The next breakthrough online platform shouldn’t have to build safety systems alone and from scratch. Thanks to a year of collaborative effort — and with tools like Osprey and Coop — they won’t have to. The safety infrastructure you need is available at ROOST, the community is ready, and we’re just getting started.

Visit Osprey’s “Getting Started” guide to spin up a local instance of Osprey and learn the different investigation and rules enforcement features. To meet others investigating with Osprey, you can join the ROOST Discord server or attend a bi-weekly Osprey Working Group meeting.