Security Audit Application
The following table lists all the fields in the Project Details panel of the Security Audit Application:
Field Name | Description |
---|---|
Project Name | Name of the project which must be unique.
Note: Funds of a different type can use the same name. For example, a Travel fund and a Project fund can use the same name. |
Project Topic / Category | Type of industry that relates to your repository. Click in the field to open a list of names to choose from. Click ![]() |
Elevator pitch | Brief statement of why your project is important to support. |
Repository URL | URL of the GitHub repository. If you choose Add GITHUB Repository from the options while applying, your GitHub repository is automatically reflected in this field. |
Website URL | A link to the website that you want to associate with the fund. |
CII Project ID | The Core Infrastructure Initiative (CII) Badge Program is an open source secure development maturity model. Project admins need to apply to get a badge and CII Project ID number if their project doesn't have one. |
License Type | The software license(s) under which your project operates. |
Current Security Strategy | Brief statement about what approach are you currently following to provide security to your project, and avoid getting hacked. |
Code of Conduct URL | URL for the open source project code of conduct. If a project doesn't have a code of conduct, a program admin can create one by using a provided template. If not code of conduct is provided, the URL will default to Contributor Covenant code of conduct. |
The following table lists all the fields in the Project Branding panel of the Security Audit Application:
Filed Name | Description |
---|---|
Project Logo | A symbol or other design adopted by your organization that identifies your project. File size should be 2MB max and in JPG, PNG, or SVG format. |
Accent Color | A color that you want to use as your project brand. Enter a hexadecimal number or click in the field to open the color picker. |
The following table lists all the fields in the Project Branding panel of the Security Audit Application:
Primary Contact (Required)
Field Name | Description |
First Name | First name of the contact person for your project. |
Last Name | Last name of the contact person for your project. |
Email | Email address of the contact person for your project. |
Phone Number | Phone number of the contact person for your project. |
Other | Other contact number, such as mobile number, landline number, slack id, social media contact id, and so on of the contact person for your project. |
Preferred Method of Contact | Preferred mode of contact of the contact person. |
For Project Administrators: You leave this field blank while initially submitting the application. After you submit, OSTF reviews your application, and determines the security audit funding goal for your project. Then, you edit the application page, and complete this field.

security audit funding goal
Read and agree to the Terms and Conditions, and Submit the application.
After The Linux Foundation reviews the application, you will receive an email notification with a review decision.
Last modified 11mo ago