Written by Steve Lipner, SAFECode Executive Director

Open Source Security FoundationA couple of months ago, David Wheeler of OSF asked me to comment on the draft of a series of secure development training courses that OpenSSF was planning to release through the edX learning platform. On reviewing the draft, I found that the courses were a great introduction to secure development including the problems developers face and best practices for tackling those problems. While the courses don’t address every programming language or every possible vulnerability, they do introduce the fundamentals and many specifics, and also provide developers with knowledge and context that will enable them to learn what they need to tackle new problems and technologies. I was also happy to see that the courses include references to a lot of our SAFECode materials on secure development.

File:EdX Logo.PNG - Wikimedia CommonsThe courses are intended for software developers (including DevOps professionals, software engineers, and web application developers) and others interested in learning how to develop secure software. The OpenSSF training program includes a Professional Certificate program, Secure Software Development Fundamentals, which can allow individuals to demonstrate they’ve mastered this material. Public enrollment for the courses and certificate is open now. 

As a member of OpenSSF, SAFECode is happy to see the release of this material. We’re sure it will prove useful to a lot of developers and to the organizations and open source projects they work with.