GitHub Announces Open Source Security Fund
Written by Kay Ewbank   
Tuesday, 03 December 2024

A new security-focused program, the GitHub Secure Open Source Fund, will invest $1.25M across 125 open source projects. The program is backed by organizations including American Express, Chainguard, 1Password and Zerodha.

GitHub says the program is designed to financially and programmatically improve security and sustainability of open source projects. In addition to funding, selected projects will receive three weeks of security education, mentorship, free tooling and certification.

GitHub says maintainers will get tools like GitHub Copilot and Copilot Autofix to help "improve security posture, reduce security debt, and improve confidence of downstream users". This element will include access and training for Copilot, Copilot Autofix, and secret scanning.

All the funding will go directly to maintainers via GitHub Sponsors, and anyone who is a current maintainer of an open source project with a valid open source license and located in one of the regions supported by GitHub Sponsors can apply.

Participants will receive $10,000 per project. The educational element consists of three weeks with a 5-10 hour commitment each week, made up of a mix of 1-to-1, instruction, workshops, group sessions, project work, and mentorship. Projects will also carry out focused work towards project-specific security milestones agreed between the project, the program managers, and GitHub Security Lab.

Alongside the educational time, participants will get dedicated time with the GitHub Security Lab team to establish effective security policies and best practices for incident management planning and support. They will also have access to security experts from the GitHub Security Lab and be able to take part in Q&As with GitHub Sponsors funders, community members, and GitHub leaders.

The participants will also get alumni support and networking, access to a new GitHub Secure Open Source community, and help with preparing projects to meet the requirements of policies like Secure by Design and the EU Cyber Resilience Act. Projects will also receive program certification and bi-annual security health reviews.

Applications are currently open for projects that would like funding, and will be accepted on a rolling basis until January 7, 2025.

More Information

GitHub Secure Open Source Fund

Secure Open Source Fund Application Link

Last Updated ( Tuesday, 03 December 2024 )