(Arliss said each maintainer can fill the survey themselves, so I guess I will just re-post to this list and you can fill the survey if you are interested. Thanks!)
-------------------------------------------------------
Hello Sponsored Projects,
The NumFOCUS volunteer Security Committee was established in August 2023. We are excited to collaborate and find ways to help you improve the security of your project. In our charter, our mission is to establish security guidelines for sponsored projects and recommend core security services that NumFOCUS could provide to the projects by:
Developing a Cybersecurity Program Strategic Plan to inform current and future
cybersecurity best practices.
Identifying opportunities to align with existing open source, national, and international standards for security practices and documentation.
Consulting with sponsored projects as needed to perform security evaluations and address security concerns.
We are here to help and our ability to do so is directly correlated with your engagement and participation. We hypothesize that many projects experience the same challenges and require designing and implementing similar processes and tools. We want to learn more about these challenges and the state of solutions across projects. Please respond to our survey by February 29th so we can figure out how to best focus our efforts. This survey is 16 questions and should take ~5 minutes. If you consider yourself a maintainer, we want your feedback. There can be multiple responses per project.
We’d also love more direct communication and engagement. If there’s anything you’d like to discuss that’s not covered in the survey, please contact us at security-...@numfocus.org or ping Nicole Foster in the NumFOCUS slack.
Thanks, and we look forward to collaborating!
Sponsored Project Security Committee