Security Audit Application

Project Details

The following table lists all the fields in the Project Details panel of the Security Audit Application:

Field Name

Description

Project Name

Name of the project which must be unique. Note: Funds of a different type can use the same name. For example, a Travel fund and a Project fund can use the same name.

Project Topic / Category

Type of industry that relates to your repository. Click in the field to open a list of names to choose from. Click after you select a category from the list.

Elevator pitch

Brief statement of why your project is important to support.

Repository URL

URL of the GitHub repository. If you choose Add GITHUB Repository from the options while applying, your GitHub repository is automatically reflected in this field.

Website URL

A link to the website that you want to associate with the fund.

CII Project ID

The Core Infrastructure Initiative (CII) Badge Program is an open source secure development maturity model. Project admins need to apply to get a badge and CII Project ID number if their project doesn't have one.

License Type

The software license(s) under which your project operates.

Current Security Strategy

Brief statement about what approach are you currently following to provide security to your project, and avoid getting hacked.

Code of Conduct URL

URL for the open source project code of conduct. If a project doesn't have a code of conduct, a program admin can create one by using a provided template. If not code of conduct is provided, the URL will default to Contributor Covenant code of conduct.

Project Branding

The following table lists all the fields in the Project Branding panel of the Security Audit Application:

Filed Name

Description

Project Logo

A symbol or other design adopted by your organization that identifies your project. File size should be 2MB max and in JPG, PNG, or SVG format.

Accent Color

A color that you want to use as your project brand. Enter a hexadecimal number or click in the field to open the color picker.

Project Contacts

The following table lists all the fields in the Project Branding panel of the Security Audit Application:

Primary Contact (Required)

Field Name

Description

First Name

First name of the contact person for your project.

Last Name

Last name of the contact person for your project.

Email

Email address of the contact person for your project.

Phone Number

Phone number of the contact person for your project.

Other

Other contact number, such as mobile number, landline number, slack id, social media contact id, and so on of the contact person for your project.

Preferred Method of Contact

Preferred mode of contact of the contact person.

Security Audit Funding Goal

For Project Administrators: You leave this field blank while initially submitting the application. After you submit, OSTF reviews your application, and determines the security audit funding goal for your project. Then, you edit the application page, and complete this field.

security audit funding goal

Terms and Conditions

Read and agree to the Terms and Conditions, and Submit the application.

After The Linux Foundation reviews the application, you will receive an email notification with a review decision.