Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <DB89DB57-661A-4FAC-B251-7812FF978DC8@dwheeler.com>
Date: Mon, 29 Sep 2025 12:02:35 -0400
From: "David A. Wheeler" <dwheeler@...eeler.com>
To: oss-security@...ts.openwall.com
Subject: Re: How to do secure coding and create secure software

Also: We at the Linux Foundation/Open Source Security Foundation (OpenSSF)
have a free course on "Developing Secure Software (LFD121)", available here:
https://training.linuxfoundation.org/training/developing-secure-software-lfd121/
If you complete the course you can earn a digital badge.

It's *definitely* possible to create more secure software than is often seen in the wild.
However, there's much more to it than checking arguments in function calls.
Input validation (from untrusted data) is a part of it, but only a part of it.

Full disclosure: I'm the author of the LFD121 course. If you see an issue in it,
let us know, or even better, submit a pull request. The learning content is CC-BY-4.0:
https://github.com/ossf/secure-sw-dev-fundamentals

--- David A. Wheeler

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.