...
The role of the security SME is to work with project TSCs, the TAC and the LFNGB to improve the security of the code produced by LFN projects by
- Implementing GB to implement more secure software development best practices and tools (e.g. from the survey table)
- Secure software development best practices and tools (e.g. from the survey table),
- Software development best practices and tools that decrease the vulnerabilities in LFN project code (code scanning, package upgrades)
- Role #2
- Role #3
- ....
- ,
- Software supply chain security best practices (SBOM, code/container signing) to increase the security transparency of LFN project code,
- LFIT security practice improvement,
- OpenSSF badging assistance.
- Providing Provide subject matter expertise to the TAC and advise .
- Advising the TAC on security related issues.