By Randall T. Vasquez (Gentoo), Jonathan Meadows (Citi), Andrew Aitken (Wipro)
OpenSSF is excited to announce its newest WG (Working Group), the End Users WG. This WG will focus on representing and addressing the challenges enterprises face when adopting (and using) different open-source technologies and products. Unlike many existing WGs and SIGs (Special Interest Groups), this particular WG intends to be very specific to enterprise end users organizations, which consume more than develop software. End Users are a critical part of the ecosystem, and those most vulnerable, so it’s essential to ensure their needs are heard and represented within the OpenSSF Technical Vision and Leadership.Â
The WG’s goals center around having a rich and diverse group of End Users from different backgrounds, industries, and geographies. The intention is to describe the use cases and challenges of sourcing, identifying, deploying, and maintaining software that includes or depends on open-source. These discussions, incorporating the broad OpenSSF ecosystem, intend to generate End User guidance for those challenges that can be solved or mitigated. In turn, the open forum will also allow participants to learn from each other’s experiences and get feedback, helping them arrive at better and more secure strategies.
Another focus for the WG is to provide best practice security guidance to End Users for the usage of open source software by developing various educational communications such as blogs, white papers, and other easy-to-consume research. With much of the existing research and guidance focused on developers and providers, there’s a need for more educational materials centered around End Users. Furthermore, the WG will provide input and guidance to other OpenSSF working groups to ensure the content developed by them is consumable by end users.Â
The OpenSSF End User Working Group is open to all. We encourage you to participate in these discussions; please join us on the OpenSSF Slack on the #wg_end_users channel, and stay tuned for updates.