OpenSSF Offers Free Training on Developing Secure Software

The Open Software Security Foundation (OpenSSF) has created three courses on developing secure software, which are being offered for free as part of the Secure Software Development Fundamentals Professional Certificate program, on the nonprofit edX learning platform.

The program is aimed at all software developers, according to the OpenSSF blog, and it "focuses on practical steps that any software developer can easily take, not theory or actions requiring unlimited resources."

The courses are specifically designed to teach how to develop secure software while reducing damage and increasing the speed of the response when a vulnerability is found. The program includes a Professional Certificate program, Secure Software Development Fundamentals, which can allow individuals to demonstrate that they've mastered this material.

The OpenSSF, which is a project within the Linux Foundation in August of this year, was created to provide a structured forum for a collaborative, cross-industry effort, the blog reads. It's billed as a cross-industry organization that brings together the industry's most important open-source security initiatives and the individuals and companies that support them. It combines the Linux Foundation's Core Infrastructure Initiative (CII), founded in response to the 2014 Heartbleed bug, and the Open Source Security Coalition, founded by the GitHub Security Lab to build a community to support the open source security for decades to come.

The OpenSSF "is committed to working both upstream and with existing communities to advance open source security for all," according to the blog.

"The OpenSSF has already demonstrated incredible momentum which underscores the increasing priorities placed on open source security," said Mike Dolan, SVP and GM of Projects at The Linux Foundation, in a statement. "We're excited to offer the Secure Software Development Fundamentals professional certificate program to support an informed talent pool about open source security best practices."

The OpenSSF is releasing the course materials today (Nov. 5), and public enrollment for the courses and certificate is open now.

The OpenSSF also announced that 16 new contributors have joined as members this year, including Arduino; AuriStor; Canonical; Debricked; Facebook; Huawei Technologies; iExec Blockchain Tech; Laboratory for Innovation Science at Harvard (LISH); Open Source Technology Improvement Fund; Polyverse Corporation; Renesas; Samsung; Spectral; SUSE; Tencent; Uber; and WhiteSource.

Membership is not required to participate in the OpenSSF. For more information about the new members is available on the OpenSSF website.

About the Author

John K. Waters is the editor in chief of a number of sites, with a focus on high-end development, AI and future tech. He's been writing about cutting-edge technologies and culture of Silicon Valley for more than two decades, and he's written more than a dozen books. He also co-scripted the documentary film Silicon Valley: A 100 Year Renaissance, which aired on PBS.  He can be reached at [email protected].