Explore open source software security principles and the OpenSSF's Best Practices Working Group initiatives in this 21-minute talk by David Wheeler from the Linux Foundation. Gain insights into supply chain security, general software security principles, and specific steps taken to address challenges in open source software. Learn about key resources developed by the working group, including guides for secure software development and evaluation, npm best practices, the OpenSSF Best Practices Badge, and educational materials like the Secure Software Development Fundamentals course. Discover the collaboration with OWASP on the Security Knowledge Framework and the role of the Education SIG in promoting secure software practices.
Open Source Security and OpenSSF's Best Practices Working Group
Overview
Syllabus
Intro
OpenSSF Best Practices Working Group (WG)
Concise Guide for Developing More Secure Software
Concise Guide for Evaluating Open Source Software
npm Best Practices Guide
OpenSSF Best Practices Badge
Course: Secure Software Development Fundamentals
Security Knowledge Framework (SKF) (with OWASP)
Education SIG
Miscellaneous notes
Taught by
OpenSSF
Related Courses
-
Application Security for Developers
-
Secure Software Development Fundamentals
-
Application Security for Developers and DevOps Professionals
-
Best Practices Make Perfect! How the OSSF is Improving Secure Development Education
-
The OpenSSF Best Practices Badge Program for Open-Source Software Quality
-
Implementing OpenSSF Best Practices Badges and Scorecards for Project Security
