Skip to main content

Plan for Improving Software Developer Security Education

The OpenSSF Plan for Improving Software Developer Security Education provides recommendations on how to improve the security education of software developers worldwide by expanding training materials and incentives for that training. In this report we briefly justify why secure software development education is needed and then summarize the current state of educational materials. We then discuss the OpenSSF education efforts from 2022 through 2023, including the identified need to “collect and curate content”, and identify focused requirements. We conclude with a summary of OpenSSF education efforts that we propose for 2024 as well as those underway.

Fill out the form to download your copy of the Plan for Improving Software Developer Security Education

A Japanese language version of the paper is also available for download.

The plan recommends the prioritization of educational materials:

For any software developer
Improved version of “fundamentals of developing secure software” course

For manager supervising developers
What managers should expect developers to know and do to develop secure software

For software developer (specific ecosystem & specialized topics, e.g., threat modeling)
Deeper security knowledge on a specific ecosystem or topic

Download our Plan for Improving Software Developer Security Education to learn more.