I confess I am a lifelong learner – addicted to learning about new things and gaining new skills. So, when I started at The Linux Foundation, I was excited to see the depth and breadth of the training we offer (and employees have access to the catalog, so you should work here). It is truly impressive. And it makes sense. After all, the LF mission is to create the greatest shared technology investment in history by enabling open source collaboration across companies, developers, and users. Training is a necessary part of that.
For starters, we practice what we preach. Every employee – and I mean every employee, from admin to engineering – is required to take 9 different LF training courses to get an in-depth overview of open source methodologies:
Open Source 101
Open Source Introduction
A Beginner’s Guide to Open Source
Open Source Licensing Basics for Software Developers
Open Source Business Strategy
Effective Open Source Program Management
Open Source Development Practices
Open Source Compliance Programs
Collaborating Effectively with Open Source Projects
Each of these courses is also offered to the public through the LF Training and Certification portal.
LF Training and Certification Portal
Speaking of the portal, this is your one-stop-shop for all of our training and certification resources. It hosts our training programs created by well-respected developers that cover the most important open source projects and includes opportunities for certification exams. It is all vendor-neutral, providing foundational knowledge and skills in the technologies running the modern world.
You can access 30+ e-learning courses, 20+ instructor-led classes, 12+ certification exams, and 40+ free massive open online courses (MOOCs) in partnership with edX. (I just signed up for a blockchain one with 96,000 of my closest friends).
If there is a specific field of study you want to focus on, there are learning paths for:
Cloud and Containers
DevOps and Site Reliability
Linux Kernel Development
Systems Engineering and Architecture
In short there is something for you, and you can join the 2 million+ students who have enrolled and 50,000+ professionals who already earned certifications.
Developing Secure Software Course
I do want to highlight a course that came up during the Open Source Software Security Summit II a couple of weeks ago. The importance of teaching secure software development principles was one of the recommendations to improve the resiliency of open source software. Good news – the LF offers the “Developing Secure Software” (LFD121) course. It focuses on the fundamentals of developing secure software. Both the course and certificate of completion are free. It is entirely online, takes about 14-18 hours to complete, and you can go at your own pace. Those who complete the course and pass the final exam will earn a certificate of completion valid for two years.
It is geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software. It focuses on practical steps that can be taken, even with limited resources, to improve information security.
Why is it needed? Many software developers have never been told how to effectively counter the ever-increasing barrage of cyberattacks. This course explains the fundamentals of developing secure software. A basic security principle – build it more secure in the beginning and you will spend less time fending off attacks later. From the course description:
This course starts by discussing the basics of cybersecurity, such as what risk management really means. It discusses how to consider security as part of the requirements of a system, and what potential security requirements you might consider. This first part of the course then focuses on how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. It also considers how to secure your software supply chain, that is, how to more securely select and acquire reused software (including open source software) to enhance security. The second part of this course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It focuses on practical steps that you (as a developer) can take to counter the most common kinds of attacks. The third part of the course discusses how to verify software for security. In particular, it discusses the various static and dynamic analysis approaches, as well as how to apply them (e.g., in a continuous integration pipeline). It also discusses more specialized topics, such as the basics of how to develop a threat model and how to apply various cryptographic capabilities.
You can learn more about the course and enroll for free here.
We are always working to improve and expand what we offer. There are a lot of exciting announcements coming up next month during the Open Source Summit North America, including insights from our 10th Annual Open Source Jobs Report, the winners of the 500 LiFT Scholarships for 2022, some new training courses, and more. Even if you aren’t able to attend, keep an eye out for our announcements. Some exciting stuff, but I have said too much already. Sign up for the newsletter so you are the first to know when new courses are offered, and – arguably more importantly – get access to promotions. I mean – new skills and saving money, how can you say no.
I hope you have an opportunity to take some of our courses and become certified. You will be a better person for it.