ossf/secure-sw-dev-fundamentals

Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)

CSSCC-BY-4.0

Issues

Add reference to EU CRA, especially annex I
#184 opened 13 days ago by david-a-wheeler
0
Add new lab for arguments
#175 opened 3 months ago by david-a-wheeler
0
Need to fix availability test question
#162 opened 4 months ago by david-a-wheeler
0
Note SHA-256 length extension attack, HMAC, replay attacks
#128 opened 2 years ago by david-a-wheeler
1
Including EPSS in addition to CVSS?
#161 opened 5 months ago by nmav
0
Put images in `images/` folder
#141 opened 8 months ago by za
1
Add discussion on peer review and signing
#146 opened a year ago by david-a-wheeler
0
Example(s) for "You should instead have a plan for handling when (not if) your cryptographic algorithms and protocols are broken."?
#140 opened a year ago by TobiasWehrum
0
Github vulnerability reporting
#111 opened a year ago by theresa-m
1
Provide alternatives for telling the user that "an account with that email address already exists" during signup
#134 opened a year ago by TobiasWehrum
2
Embedded software: Add firmware info, make it clear it applies
#135 opened a year ago by david-a-wheeler
1
Regex ReDos test answer is incomplete/incorrect
#127 opened 2 years ago by wdoekes
0
Generate a PDF for a book
#115 opened 2 years ago by david-a-wheeler
3
Create video introductions for chapters
#110 opened 2 years ago by david-a-wheeler
0
Tweak quiz heading names and levels
#101 opened 2 years ago by david-a-wheeler
2
Extend fundamentals course to discuss build/distribution security
#90 opened 2 years ago by david-a-wheeler
0
Regex example is incorrect
#36 opened 3 years ago by Fryguy
1
Review/respond to LFD121 feedback
#83 opened 2 years ago by david-a-wheeler
0
Create clarifying images using DALL-E-2
#71 opened 3 years ago by david-a-wheeler
1
Can I write a sentence about offensive security engineers?
#75 opened 2 years ago by oliviagallucci
3
Does this refer to user permissions?
#74 opened 2 years ago by oliviagallucci
1
Italicize titles
#73 opened 2 years ago by oliviagallucci
1
Add Cycode's GitHub Actions Vulnerabilities example
#72 opened 3 years ago by david-a-wheeler
0
Review to ensure coverage to Secure Code Warrior survey knowledge
#70 opened 3 years ago by david-a-wheeler
0
Growl npm module as STORY TIME?
#69 opened 3 years ago by david-a-wheeler
0
Consider adding XBox password as STORY TIME
#68 opened 3 years ago by david-a-wheeler
0
Cite the resources on lines 431 through 441
#56 opened 3 years ago by oliviagallucci
0
CIA triad image looks like regular triangle on dark mode
#39 opened 3 years ago by oliviagallucci
0
Update for OWASP Top 10 2021 and 2021 CWE Top 25
#7 opened 3 years ago by david-a-wheeler
1
Add questions for final exam
#26 opened 3 years ago by david-a-wheeler
0
Define trusted / untrusted sooner
#27 opened 3 years ago by david-a-wheeler
0
Add dependency confusion (substitution attack)
#10 opened 3 years ago by david-a-wheeler
0
Link to relevant OpenSSF work
#19 opened 3 years ago by david-a-wheeler
0
Discuss (unsigned) integer wraparound & vulnerabilities
#16 opened 3 years ago by david-a-wheeler
0
Are there any plans to provide videos of the content?
#17 opened 3 years ago by MaineC
3
Review NICE Framework (NIST)
#14 opened 3 years ago by david-a-wheeler
0
Discuss browser-side sanitizer API
#13 opened 3 years ago by david-a-wheeler
0
Add more about container security best practices
#12 opened 3 years ago by david-a-wheeler
0
Define 0-day
#11 opened 3 years ago by david-a-wheeler
0
Add more code examples (wrong/right)
#9 opened 3 years ago by david-a-wheeler
0
Add more vignettes (STORY TIME)
#8 opened 3 years ago by david-a-wheeler
0
Review Software Assurance Curriculum Project Volume II
#5 opened 4 years ago by david-a-wheeler
0
Add/extend course information
#2 opened 4 years ago by david-a-wheeler
0
OpenSecurityTraining: Cross-connections to exploitation curricula
#1 opened 4 years ago by david-a-wheeler
0