The Open Source Security Foundation (OpenSSF) has developed free courses for software developers on how to develop secure software.
- Securing Projects with OpenSSF Scorecard Course: Securing Projects with OpenSSF Scorecard (LFEL1006) is available on the Linux Foundation Training & Certification platform and is designed with end users of Scorecard tooling in mind. This course will cover how to integrate the OpenSSF Scorecard into your software development life cycle.
- Secure Software Development Fundamentals Courses: The “Developing Secure Software” (LFD121) course is available on the Linux Foundation Training & Certification platform. It focuses on the fundamentals of developing secure software. Both the course and certificate of completion are free. It is entirely online, takes about 14-18 hours to complete, and you can go at your own pace. Those who complete the course and pass the final exam will earn a certificate of completion valid for two years.
- Securing Your Software Supply Chain with Sigstore Course: Securing Your Software Supply Chain with Sigstore (LFS182x) is available on the Linux Foundation Training & Certification platform and is designed with end users of Sigstore tooling in mind. Building and distributing software that is secure throughout its entire lifecycle can be challenging, leaving many projects unprepared to build securely by default. Attacks and vulnerabilities can emerge at any step of the chain, from writing to packaging and distributing software to end users. Sigstore is one of several innovative technologies that have emerged to improve the integrity of the software supply chain, reducing the friction developers face in implementing security within their daily work.