update image paths, typos, etc

Author: reshamas

_posts/2025-08-16-gh-oss.md

@@ -1,11 +1,11 @@
 ---
-title: "scikit-learn completes the GitHub OSS Fund Training"
+title: "scikit-learn Completes the GitHub Secure Open Source Training"
 date: August 16, 2025
 categories:
   - Press
 tags:
   - Open Source
-featured-image: /assets/images/posts_images/ghs-oss-fund/gh-oss-cover.png
+featured-image: /assets/images/posts_images/gh-sosf/cover.png
 
 postauthors:
   - name: Reshama Shaikh
@@ -22,23 +22,24 @@ postauthors:
 
 scikit-learn was honored to be selected to participate in Cohort 2 of the GitHub Secure Open Source Fund (OSF) Training Program. Cohort 1 took place earlier in 2025 with 19 projects, and Cohort 2 took place with 52 projects during June 2025. 
 
-It was an intense 3-week intense training program, with over 90 open source maintainers joining the training. Read the announcement from GitHub: [Securing the supply chain at scale: Starting with 71 important open source projects](https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects) (11-Aug-2025) 
-
-There were numerous workshops delivered by experts in the GitHub Security Lab. For many of these workshops, the learning materials are publicly available, and they are shared below.
-
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/ghs-oss-blog.png" alt="logos of 15 funding partners" style="padding:1px;border:solid black" style="border-width: thick" max-width="50%" max-height="50%" /> 
+ <img src="/assets/images/posts_images/gh-sosf/blog-title.png" alt="GitHub announcement of GH-S-OS Fund" style="padding:1px;border:solid black" style="border-width: thick" max-width="50%" max-height="50%" /> 
  <figcaption>
  Original post: <a href="https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects">GH Secure OSS Announcement</a>
  </figcaption>
 </figure>
 
+
+It was an intense 3-week intense training program, with over 90 open source maintainers joining the training. Read the announcement from GitHub: [Securing the supply chain at scale: Starting with 71 important open source projects](https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects) 
+
+There were numerous workshops delivered by experts in the GitHub Security Lab. For many of these workshops, the learning materials are publicly available, and they are shared below.
+
 ### GitHub Security Lab
 GitHub has its own security department, and GitHub Security Lab’s mission is to empower developers and secure open source.
 * GitHub Security Lab: [Resources](https://securitylab.github.com/resources-os)
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/gh-security-lab.png" alt="GitHub Security Lab"  
+ <img src="/assets/images/posts_images/gh-sosf/gh-security-lab.png" alt="GitHub Security Lab"  
  style="padding:1px;border:solid black" max-width="50%" max-height="50%" />  
  <figcaption>
  Original post: <a href="https://github.com/GitHubSecurityLab">GitHub Security Lab</a>
@@ -55,35 +56,42 @@ The training provided many trainings by experts in the field. Below we share tra
 - [Secure by design: A UX toolkit](https://microsoft.design/articles/secure-by-design-a-ux-toolkit)
 
 #### CodeQL: From Zero to Hero
+
+This workshop introduces fundamentals of security research and static analysis used when looking for vulnerabilities in software. They use an example of a simple vulnerability, walk through how CodeQL could detect it, and provide examples on how the audience could use CodeQL to find vulnerabilities themselves.
+
 slides: [Finding Vulnerabilities with CodeQL](https://github.com/sylwia-budzynska/2025-soss-codeql-workshop/blob/main/SOSS-CodeQL-slides.pdf)
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/CodeQL.png" alt="CodeQL audience and topics covered" 
+ <img src="/assets/images/posts_images/gh-sosf/CodeQL.png" alt="CodeQL audience and topics covered" 
  style="padding:1px;border:solid black" max-width="50%" max-height="50%" /> 
  <figcaption>
- Original post: <a href="https://github.com/sylwia-budzynska/2025-soss-codeql-workshop">GH Secure OSS Announcement</a>
+ Original post: <a href="https://github.com/sylwia-budzynska/2025-soss-codeql-workshop">Finding Vulnerabilities with CodeQL</a>
  </figcaption>
 </figure>
 
 #### Developing Secure Software
-Learn the security basics to develop software that is hardened against attacks, and understand how you can reduce the damage and speed the response when a vulnerability is exploited. This course includes specific tips on how to use and develop open source and other software securely. It was developed by the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community, targeted initiatives, and best practices.
+
+This course includes specific tips on how to use and develop open source and other software securely. Learn the security basics to develop software that is hardened against attacks, and understand how you can reduce the damage and speed the response when a vulnerability is exploited. 
+
+It was developed by the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community, targeted initiatives, and best practices.
 
 * Online, Self Paced
 * 16-20 Hours of Course Material
 * Quizzes and Hands-on Labs
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/dss-lfd121.png" alt="course: Developing Secure Software" 
+ <img src="/assets/images/posts_images/gh-sosf/dss-lfd121.png" alt="course: Developing Secure Software" 
  style="padding:1px;border:solid black" max-width="50%" max-height="50%" /> 
  <figcaption>
  Original post: <a href="https://training.linuxfoundation.org/training/developing-secure-software-lfd121">LFD121: Developing Secure Software</a>
  </figcaption>
 </figure>
 
 #### OSS-Fuzz
+[Fuzz testing](https://en.wikipedia.org/wiki/Fuzzing) is a well-known technique for uncovering programming errors in software.
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/oss-fuzz.png" alt="OSS-Fuzz" 
+ <img src="/assets/images/posts_images/gh-sosf/oss-fuzz.png" alt="OSS-Fuzz" 
  style="padding:1px;border:solid black" max-width="50%" max-height="50%" /> 
  <figcaption>
  Original post: <a href="https://github.com/google/oss-fuzz">OSS-Fuzz</a>
@@ -92,25 +100,28 @@ Learn the security basics to develop software that is hardened against attacks,
 
 
 ### Secure Code Game
+Secure Code Game is a GitHub Security Lab initiative, providing an in-repo learning experience, where learners to secure intentionally vulnerable code. At the same time, this is an open source project that welcomes your contributions as a way to give back to the community.
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/secure-code-game.png" alt="Secure Code Game" 
+ <img src="/assets/images/posts_images/gh-sosf/secure-code-game.png" alt="Secure Code Game" 
  style="padding:1px;border:solid black" max-width="50%" max-height="50%" /> 
  <figcaption>
  Original post: <a href="https://github.com/skills/secure-code-game">Secure Code Game</a>
  </figcaption>
 </figure>
 
+### Participate in Future Cohorts of the GitHub Secure Open Source Training
+If you are a maintainer of an open source project, this training is an excellent opportunity to secure your project with guidance from highly trained experts in the security field. [Applications are open](https://docs.google.com/forms/d/e/1FAIpQLScDBalom0XhmJrvyI3kwD7dZ-dD4_uhmLNysVXtA8fH_WUKoA/viewform). 
 
 ### References
 - [Securing the supply chain at scale: Starting with 71 important open source projects](https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects) (11-Aug-2025)
+- TechCrunch: [GitHub launches $1.25M open source fund with a focus on security](https://techcrunch.com/2024/11/19/github-launches-1-25m-open-source-fund-with-a-focus-on-security) (19-Nov-2024)
 - [GitHub Secure Open Source Fund](https://resources.github.com/github-secure-open-source-fund/)
-- [GitHub launches $1.25M open source fund with a focus on security](https://techcrunch.com/2024/11/19/github-launches-1-25m-open-source-fund-with-a-focus-on-security) (November 2024)
 - [Eclipse Foundation Security Policy](https://www.eclipse.org/security/policy)
 - [Linux Foundation Security Policy](https://www.linuxfoundation.org/security)
 
-### Blogs from other open source projects
-- OpenCV: [https://opencv.org/blog/opencvs-participation-in-the-github-secure-open-source-fund](https://opencv.org/blog/opencvs-participation-in-the-github-secure-open-source-fund)
+### Blogs from Participating Open Source Projects
+- OpenCV: [OpenCV’s Participation in the GitHub Secure Open Source Fund](https://opencv.org/blog/opencvs-participation-in-the-github-secure-open-source-fund)
 - Bootstrap: [Bootstrap at GitHub Secure Open Source Fund](https://www.linkedin.com/pulse/bootstrap-github-secure-open-source-fund-julien-d%2525C3%2525A9ramond-cvjie)
 - Cobra & Viper: [Cobra & Viper Fortify Security as Part of GitHub Secure Open Source Fund](https://spf13.com/p/cobra-viper-fortify-security-as-part-of-github-secure-open-source-fund)
 - Zitadel: [A Leap Forward in Security: Our Journey with the GitHub Secure Open Source Fund](https://zitadel.com/blog/github-secure-open-source-fund)
@@ -119,20 +130,23 @@ Learn the security basics to develop software that is hardened against attacks,
 
 ## Acknowledgments
 
-Thank you to the sponsors of the GitHub Secure Open Source Secure Fund.
+Thank you to the funders and ecosystem partners of the GitHub Secure Open Source Fund.
+
+**Funding Partners:** Alfred P. Sloan Foundation, American Express, Chainguard, Datadog, Herodevs, Kraken, Mayfield, Microsoft, Shopify, Stripe, Superbloom, Vercel, Zerodha, 1Password
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/ghs-oss-funders.png" alt="Sponsors" style="padding:1px;border:solid black" 
+ <img src="/assets/images/posts_images/gh-sosf/funders2.png" alt="Sponsors" style="padding:1px;border:solid black" 
  max-width="50%" max-height="50%" /> 
  <figcaption>
  <a href="https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects"></a>
  </figcaption>
 </figure>
 
-Thank you to the ecosystem partners of the GitHub Secure Open Source Secure Fund.
+
+**Ecosystem Partners:** Ecosyste.ms, CURIOSS, Digital Data Design Institute Lab for Innovation Science, Digital Infrastructure Insights Fund, Microsoft for Startups, Mozilla, OpenForum Europe, Open Source Collective, OpenUK, Open Technology Fund, OpenSSF, Open Source Initiative, OpenJS Foundation, University of California, Santa Cruz OSPO, Sovereign Tech Agency, SustainOSS
 
 <figure>
- <img src="/assets/images/posts_images/ghs-oss-fund/ghs-oss-ecosystem.png" alt="Ecosystem Partners" style="padding:1px;border:solid black" 
+ <img src="/assets/images/posts_images/gh-sosf/ecosystem.png" alt="Ecosystem Partners" style="padding:1px;border:solid black" 
  max-width="50%" max-height="50%" /> 
  <figcaption>
  <a href="https://github.blog/open-source/maintainers/securing-the-supply-chain-at-scale-starting-with-71-important-open-source-projects"></a>