diff --git a/README.md b/README.md index 2f1047e3..d8b5a5ef 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ Our work is organized into several discrete-yet-related projects that help us ac | Effort | Description | Git Repo | Slack Channel | Mailing List | | ------------------ | ------------------------ | ------------------- | ----------- | ---------- | -| Best Practices Guides | Longer reference documents on implementing specific secure techniques | - [Compiler Annotations for C and C++ (incubating)](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Annotations-for-C-and-C++.html),

- [Compiler Options Hardening Guide for C and C++](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++),

- [Existing Guidelines for Developing and Distributing Secure Software](https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Existing%20Guidelines%20for%20Developing%20and%20Distributing%20Secure%20Software.md),

- [Package Manager Best Practices (incubating)](https://github.com/ossf/package-manager-best-practices),

- [npm Best Practices Guide](https://github.com/ossf/package-manager-best-practices/blob/main/published/npm.md),

- [Source Code Management Platform Configuration Best Practices](docs/SCM-BestPractices/README.md),

- [Cyber Resilience Act (CRA) Brief Guide for Open Source Software (OSS) Developers](https://best.openssf.org/CRA-Brief-Guide-for-OSS-Developers).

- [Secure Coding Guide for Python](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/Secure-Coding-Guide-for-Python), | - [#wg-best-practices-compilers](https://openssf.slack.com/archives/C07LH7RH8MT),

- [#wg-best-practices-scm](https://openssf.slack.com/archives/C058EC1EZ5Y) | | +| Best Practices Guides | Longer reference documents on implementing specific secure techniques | - [Compiler Annotations for C and C++ (incubating)](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Annotations-for-C-and-C++.html),

- [Compiler Options Hardening Guide for C and C++](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++),

- [Existing Guidelines for Developing and Distributing Secure Software](https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Existing%20Guidelines%20for%20Developing%20and%20Distributing%20Secure%20Software.md),

- [Source Code Management Platform Configuration Best Practices](docs/SCM-BestPractices/README.md),

- [Cyber Resilience Act (CRA) Brief Guide for Open Source Software (OSS) Developers](https://best.openssf.org/CRA-Brief-Guide-for-OSS-Developers).

- [Secure Coding Guide for Python](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/Secure-Coding-Guide-for-Python), | - [#wg-best-practices-compilers](https://openssf.slack.com/archives/C07LH7RH8MT),

- [#wg-best-practices-scm](https://openssf.slack.com/archives/C058EC1EZ5Y) | | | Concise Guides SIGs | Quick Guidance around Open Source Software Development Good Practices | - [Concise Guide for Developing More Secure Software](https://best.openssf.org/Concise-Guide-for-Developing-More-Secure-Software),

- [Concise Guide for Evaluating Open Source Software](https://best.openssf.org/Concise-Guide-for-Evaluating-Open-Source-Software) | | [Mailing List](https://lists.openssf.org/g/openssf-wg-best-practices) | | Education SIG - (incubating) | To provide industry standard secure software development training materials that will educate learners of all levels and backgrounds on how to create, compose, deploy, and maintain software securely using best practices in cyber and application security. | [EDU.SIG](https://github.com/ossf/education/) (course links are there) | [stream-01-security-education](https://openssf.slack.com/archives/C03FW3YGXH9) | [Mailing List](https://lists.openssf.org/g/openssf-sig-education) | |[OpenSSF Best Practices Badge - formerly CII Best Practices badge](https://www.bestpractices.dev/) | Identifies FLOSS best practices & implements a badging system for those practices, | [best-practices-badge](https://github.com/coreinfrastructure/best-practices-badge) | | |