[FYI] May Update for Developer Best Practices WG for TAC

CRob Robinson (Intel)

Working Group Report


WG Name: OSS Developer BEST Practices   

WG Git Repo: https://github.com/ossf/wg-best-practices-os-developers 

WG Meeting Notes: gdoc

WG Lead(s): CRob & Xavier   

WG Members: 18 regular attendees, 20+ intermittent attendees

WG Meetings: Every 2nd Tuesday at 10am EST

WG Mission: “Our objective is to provide open source developers with best practices recommendations, and with an easy way to learn and apply them.”

WG Member SIGS:

OSSF Best Practices Badge

Secure Software Development Fundamentals courses

SKF - Security Knowledge Framework


CRE - Common Requirements Enumeration


Historic Work

Great MFA Distribution Project

Existing Guidelines for Secure Development document

Recommended compiler options for C/C++ programs document


Current Active work

Guide to Developing Secure Software one-pager - target to complete end of June

Guide to Deploying Secure Software one-pager - target to complete end of June

Package Manager Good Practices - TBD

Interactive Secure Development Infographic - TBD


Planned Future work

China OSS Developer SIG - coordinating announcement  

Education & Awareness Training SIG - coordinating kickoff SIG call






Director of Security Communications

Intel Product Assurance and Security