What's in the SOSS? An OpenSSF Podcast

Scaling Security: Inside the GitHub Securing Open Source Software Fund

May 13, 2025
In this engaging discussion, Kevin Crosby, who leads funding programs at GitHub, and Xavier Rene-Corail, Senior Director of Security Research, delve into the GitHub Secure Open Source Fund. They reveal how this initiative combines funding and community resources to boost security in open source projects. The duo shares insights on the program’s unique curriculum, the impressive outcomes from the first cohort, and the significance of tailored education in empowering maintainers. Plus, they discuss what’s next for this evolving initiative!
INSIGHT

Funding Plus Training Drives Security

  • Combining funding, training, and community creates the greatest impact for open source security.
  • Aligning these elements incentivizes maintainers to adopt and sustain secure practices.
ADVICE

Participate in Security Fund Program

  • Apply to the Securing Open Source Software Fund to receive a $10K stipend and intensive security training.
  • Engage fully in the program's boot camp and ongoing check-ins to embed security best practices.
ADVICE

Craft Engaging Security Curriculum

  • Offer a mix of basic and advanced security training to meet varied maintainer skill levels.
  • Make training interactive and fun to improve engagement and learning effectiveness.