🎙️ Submit your talk for: OpenSSF Community Day Europe by July 12

David Wheeler

A New Course on Secure AI/ML-Driven Software Development

The Open Source Security Foundation (OpenSSF) has launched a new free course, Secure AI/ML-Driven Software Development (LFEL1012), authored by David A. Wheeler. As AI and machine learning become core to modern software development, this course helps developers understand and mitigate the security risks associated with AI code assistants. In just one hour, learners will gain…

Distinguish between source and vendor

It’s important to distinguish the term “source” (any source of a good or service) from the term “vendor” (a source who is paid and has a contractual relationship), especially when discussing software. Here’s why.

Securing Open Source Software is Securing Critical Infrastructure

Securing critical OSS components and infrastructure is an important part of securing critical infrastructure. When we consider open source critical infrastructure we must keep in mind that not all OSS is equally important, but some OSS (& its supporting infrastructure) are very critical. Several initiatives are underway at the OpenSSF to identify and fill gaps…

OpenSSF Makes Secure Software Development Training Available on Organizations’ Learning Management Systems

The free "Developing Secure Software" (LFD121) online training course is now available through SCORM Connect, so that organizations with their own SCORM-compliant Learning Management Systems (LMSs) can integrate the course into their own LMSs. Making this training that is available for free through Linux Foundation Training & Certification also accessible through LMS’ where students and…