OpenSSF Releases New Guides for Developing Secure Open Source Software

In response to concerns about open source software security, the OpenSSF has released two new guides for developers and consumers:

  • Concise Guide for Developing More Secure Software is aimed at both open source and closed source software developers and offers practical advice ranging from use of multi-factor authentication to documenting vulnerabilities.
  • Concise Guide for Evaluating Open Source Software is for developers and consumers of open source software. This document aims to be “THE go-to reference for anyone considering using some open source software” and includes key points to consider when evaluating open source software for security and sustainability.

These guides were developed by the Best Practices for OSS Developers working group as part of their efforts to provide “open source developers with best practices recommendations and with an easy way to learn and apply them."