In June this year some of our security team members had to take a bit of a step back from their duties, but they had good reasons! Mautic was selected to join the prestigious Secure Open Source Fund second cohort, a three-week intense program led by GitHub which saw our team learning about every aspect of security from experts across GitHub and the wider technology community.
For three weeks the participants learned about everything from securing automated workflows and the tools that can be used to detect vulnerabilities through to planning for dealing with incidents and learning about the latest developments in security regarding AI/ML and MCP servers.
Attended by Project Lead Ruth Cheesley and Docker Working Group Lead Renato Castro, the training has been instrumental in helping Mautic to develop its security posture and to operate in a way which ensures the safety and security of our ecosystem.
We’re delighted to share that we graduated from the program, which you can read about on the GitHub blog announcing the first 71 projects they worked with.
The work doesn’t stop with the end of the program, though, and that’s the beauty of this opportunity – the entire cohort of 40 open source projects and their maintainers will stay together in a private community as we all work to secure open source.
Together we will all be working through our backlog and focusing on keeping our open source projects secure.
What’s more, GitHub is also financially supporting the projects that complete the program by providing a $10,000 contribution and we’ve also been offered a substantial amount of Azure credits to support Mautic’s continued growth.
Both Renato and Ruth found the training extremely insightful:
Project Lead Ruth Cheesley said:
It was such a great opportunity to learn from the experts across GitHub and the wider technology community – not to mention from our fellow maintainers – over the course of the three weeks. We’ve already implemented many of the learnings and I’m sure it’s going to have a big impact going forward.
Renato Castro, Docker Working Group Lead, said:
During the training I had the opportunity to learn more about multiple cybersecurity topics which I wasn’t completely aware of. It was awesome to discover GitHub’s security-driven features, and share insights with not only other open source maintainers, but also with GitHub experts who are very passionate about their products. The program has definitely helped us to improve Mautic’s security, making us align even more with our vision of being the most privacy (and security) focused marketing automation product on the market.