Best Practices Badge

The Open Source Security Foundation (OpenSSF) Best Practices Badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Projects can voluntarily self-certify, at no cost, by using this web application to explain how they follow each best practice. The OpenSSF Best Practices Badge is inspired by the many badges available to projects on GitHub. Consumers of the badge can quickly assess which FLOSS projects are following best practices and, as a result, are more likely to produce higher-quality secure software.

The OpenSSF Best Practices Badge website outlines the criteria for the passing badge, provides an example, shows participating projects, and supports queries to show projects that have a passing badge. This project was formerly known as the Core Infrastructure Initiative (CII) Best Practices Badge and was formally renamed as part of OpenSSF in late 2021. More information on the OpenSSF Best Practices Badging program is available on GitHub.

Best Practices Badge is developed under the OpenSSF organization, as a part of the Best Practices Working Group.