Skip to content

Latest commit

 

History

History
100 lines (77 loc) · 5.28 KB

README.md

File metadata and controls

100 lines (77 loc) · 5.28 KB

OpenSSF Education Special Interest Group (SIG)

This Education SIG is a group working within the OpenSSF's Best Practices Working Group formed to advance and deliver upon The OpenSSF's Mobilization Plan - Stream 1. This SIG is dedicated to providing industry standard secure software development training materials that will educate learners of all levels and backgrounds on how to create, compose, deploy, and maintain software securely using best practices in cyber and application security.

Motivation

Historically, little attention is paid in traditional software engineering coursework that highlights and teaches the importance of good cyber security hygiene and secure development techniques. Complicating the lack of trained developers is the ever-growing shortage of trained cyber security professionals that can assist developers as they create, test, and release their code.

Objective

  • Provide access to open and widely available education materials to all learners
  • Materials will be maximally accessible and easy to consume for all learners

Deliver Baseline Secure Software Development Education and Certification to All by:

  • Collecting & Curating Content
  • Expanding Training
  • Rewarding & incentiving Developers

Scope Work in Progress

What is in Scope

[What is in and out of scope]

  • Training and education around secure software development, management, deployment, distribution and data access controls
  • Incentivize learning and hiring of certified practictioners
  • Provide platform(s) for showcasing certifications for learners
  • Collaboration with educators
  • Improve existing security education and OSS project security with our educational material

What is out of Scope

  • Reporting of unknown security vulnerabilities in open source projects or taking action to remediate vulnerabilities.
  • Helping projects or individual enterprises with remediating their own security exposures from another open-source project’s security vulnerabilities
  • Providing personal guidance or feedback to individuals or groups using the educational materials
  • Assisting with technical issues related to the educational materials

For deatils of what the SIG will be delivering can be found in the revise plan

Prior Work

Get Involved

Quick Start

Meeting times

Governance

[TODO: Update this link to your specific CHARTER.md file] The CHARTER.md outlines the scope and governance of our group activities.

[OPTIONAL]

SIG Maintainers

SIG Collaborators