Our editors pick the products and services we write about. When you buy through our links, ZDNet may earn a commission.

Open Source Security Foundation launches a new certification program on edX

The Linux Foundation's OpenSSF is introducing a suite of security classes and a certification for open-source programmers.

If you're a programmer and you've heard it once, you've heard it a thousand times. "Build security into your programs!" That's easy to say, but how, exactly, do you do that? The Linux Foundation's Open Source Security Foundation (OpenSSF) has an answer: A set of three free classes and a certification program to get your security skills up to speed. 

Also: Best online learning platforms in 2020

Free Secure Software Development courses

On the edX learning platform

The three free courses on how to develop secure software will be offered on the edX learning platform. These classes are intended for the full range of software developers, including DevOps professionals, software engineers, and web application developers. Indeed, anyone interested in learning how to develop secure software will find these courses useful. Besides teaching you how to develop secure software, they also deal with how to reduce damage when a bug is found. They will also help you learn how to quickly analyze and fix security holes when one is found.

The classes are:

The courses focus on practical developer steps you can use to counter the most common kinds of attacks. 

View Now at edX

Specifically, they dig into common risks and requirements, design principles, and evaluating code (such as packages) for reuse. They also focus on key implementation issues, including input validation, processing data securely, calling out to other programs, sending output, cryptography, error handling, and incident response. This is followed by a discussion on various kinds of verification issues, including security testing and penetration testing, and security tools. The classes conclude with a discussion on deployment and handling vulnerability reports.

Professional Secure Software Development Fundamentals certificate

On the edX learning platform

The OpenSSF training program includes a Professional Certificate program: Secure Software Development Fundamentals. Enrollment for the courses and certificate is open now. Course content and the Professional Certificate program tests will become available on Nov. 5. 

This is an online, self-paced program. The course work was created by the well known David A. Wheeler. The Linux Foundation's Director of Open Source Supply Chain Security. OpenSSF and edX estimates it will take an hour or two a week for five months to master the coursework and be able to pass the certification test. While the classes are free, the certification program currently costs a discounted $537.30.

$537 at edX

ZDNet Recommends

Best Linux Foundation classes in 2020: Intro to Linux, Cloud Engineer Bootcamp, and more

Want a good tech job? Then you need to know Linux and open-source software. One of the best ways to pick them up is via a Linux Foundation course.

Read More

Mike Dolan, The Linux Foundation's Senior VP and GM of Projects, said: "We're excited to offer the Secure Software Development Fundamentals professional certificate program to support an informed talent pool about open source security best practices." You should be excited, too. As the recent 2020 Open Source Jobs Report showed, demand is higher than ever for open-source and Linux savvy employees and 52% of hiring managers are more likely to hire you if you have appropriate certification.

One final note, the OpenSSF is incorporating the Core Infrastructure Initiative (CII) projects. CII has been working on securing older, popular open-source programs, which were not receiving enough funding. These programs include the CII Census, a quantitative analysis to identify critical OSS projects; CII Best Practices badge project; and the CII FOSS Contributor Survey, a quantitative survey of OSS developers. Both will become part of the OpenSSF Securing Critical Projects working group. These efforts will continue to be implemented by the Laboratory for Innovation Science at Harvard (LISH)

Related Stories: