The Open Source Security Foundation (OpenSSF), of the Linus Foundation, is offering free security training to developers who are using open-source software. The training aims to advance DevSecOps practices and is due to start this week.
As more and more applications have started to implement open-source software, there are a number of new potential threats coming from vulnerabilities introduced by code. These vulnerabilities, however, can be dealt with easily by giving developers free access to training, so they are prepared for any eventuality.
The training is available online and is designed to teach developers and software engineers on how to create secure software all the while decreasing the possibility of damage and increasing the speed of reaction when a vulnerability is found.
OpenSSF also introduced existing projects form the Core Infrastructure Initiative (CII), and new contributors, which will help developers and software engineers develop and grow with open-source.
Having open-source software leads to better productivity, however, if a vulnerability is discovered, a multitude of projects are at risk. In order to ensure the reliability of open source code, it is necessary to make sure the code is secure. Thus, open-source security needs to shift left and give developers the proper training to the best DevSecOps practices.