This Education SIG is a group working within the OpenSSF's Best Practices Working Group formed to advance and deliver upon The OpenSSF's Mobilization Plan - Stream 1. This SIG is dedicated to providing industry standard secure software development training materials that will educate learners of all levels and backgrounds on how to create, compose, deploy, and maintain software securely using best practices in cyber and application security.
Motivation
Historically, little attention is paid in traditional software engineering coursework that highlights and teaches the importance of good cyber security hygiene and secure coding techniques. Complicating the lack of trained developers is the ever-growing shortage of trained cyber security professionals that can assist developers as they create, test, and release their code.
Objective
Deliver Baseline Secure Software Development Education and Certification to All by:
- Collecting & Curating Content
- Expanding Training
- Rewarding & incentiving Developers
Scope
[What is in and out of scope]
Prior Work
The OpenSSF's Mobilization Plan - Stream 1
- List of prior and/or related projects
Get Involved
- Official communications occur on the openssf-sig-education@lists.openssf.org.
Manage your subscriptions to Open SSF mailing lists. - Mobilization Stream 1 Slack
- Developer Best Practices WG Slack
Quick Start
- Areas that need contributions
- Build information if applicable
- Where to file issues - https://github.com/ossf/education/issues
- Etc.
Meeting times
- Every other Wednesday @ 09:00am EST. The invite is available on the OpenSSF Community Calendar.
- Meeting Minutes
Governance
[TODO: Update this link to your specific CHARTER.md file] The CHARTER.md outlines the scope and governance of our group activities.
[OPTIONAL]
- Lead name: CRob
- Co-Lead name: Dave Russo
- Christopher "CRob" Robinson, Intel
- Dave Russo, Red Hat
- David A Wheeler, LF/OSSF
- Emily Fox, Apple, CNCF TOC
- Glenn ten Cate, SKF
- Judy Kelly, Red Hat
- Sal Kimmich, Sonatype
- VM (Vicky) Brasseur, Wipro
- Avishay Balter, Microsoft
- Brian Fox, Sonatype, OSSF GB
- Christine Abernathy, F5
- Dan Appelquist, Snyk
- Eric Tice, Wipro
- Georg Kunz, Ericsson
- Marta Rybczynska, OSTC
- Matt Rutkowski, IBM
- Randall T. Vasquez, Gentoo/Homebrew
- Riccardo ten Cate, SKF
- Sebastian Crane, SPDX
- Tom Ritter, DIN