Naveen Srinivasan & Brian Russell // OpenSSF
In Scorecard we trust
How to strengthen your software supply chain security, improve best practices, and build trust in your projects.

Privacy engineering: 8 tips to mitigate risks and secure your data
Understand what can go wrong and how to protect against the most likely scenarios.

Justin Trugman & Babitha Singh // Caregility
Incorporating security in Enterprise DevOps workflows
How Caregility prepared for third-party security audits with GitHub Advanced Security.

Justin Watts // Telus
Shift security left in one day
It’s getting easier and more intuitive to catch mistakes before they spiral into disasters.

Lisa Tagliaferri, PhD // Chainguard
Implementing software security in open source
How to automate security and build confidence in your code.

The thrill of open source security
Jonathan finds broken things and fixes them to make the world a more secure place.

There are no warranties on open source
Feross on building OSS building blocks, rewriting the rules, and releasing obligations.

John Allspaw // Adaptive Capacity Labs
What we talk about when we talk about ‘root cause’
It’s a lot more nuanced than you might think.

How Rust developers are making the web safer
The Rust programming language makes it easier to build safer software. What will it take to Rust All the Things?

How to write an internal production failure incident communication
What do you say when the system is down?

How InfoSec pros keep open source safe—and how you can help
Security pros talk about what keeps them up at night—and what they’re doing about it.

Coding is usually seen as a solitary activity, but it’s actually the world’s largest community effort led by open source maintainers, contributors, and teams. These unsung heroes put in long hours to build software, fix issues, field questions, and manage communities.

The ReadME Project is part of GitHub’s ongoing effort to amplify the voices of the developer community. It’s an evolving space to engage with the community and explore the stories, challenges, technology, and culture that surround the world of open source.