[Technical Initiative Funding Request]: LFX Mentorship Projects (summer cycle '26) #573
Description
Technical Initiative
BEAR WG
Lifecycle Phase
Incubating
Funding amount
$48,000 ($6k per mentee)
Problem Statement
Hands-on experience and contributions to OSS projects are a major advantage for obtaining a job in SWE and/or cybersecurity. At the same time, mentoring and coaching experiences are increasingly viewed as important leadership skills in tech jobs. Programs like the LFX Mentorship are one way to offer these experiences and opportunities.
Who does this affect?
Students and individuals from underrepresented groups often do not have the expertise to start their own projects or the resources for relevant coursework to boost the skills they need to enter the cybersecurity workforce. Cybersecurity/OSS professionals may not be able to easily find opportunities to mentor and coach others in the field through their employer, or may wish to broaden the scope of their experience.
Have there been previous attempts to resolve the problem?
The WG successfully ran the first OpenSSF Mentorship program in 2025 with 4 mentees hosted across two projects. This is a renewal request for the second iteration. If funded, this would allow us to extend the program to more projects and sponsor up to 8 mentorships that pay each mentee a stipend. Starting in 2026, we will also reserve a number of mentee positions for first-time contributors, folks who do not have prior OSS contributions and/or mentorship experience.
Why should it be tackled now and by this TI?
A core goal of the BEAR WG is to empower underrepresented individuals seeking opportunities in the cybersecurity workforce. The OpenSSF is well positioned to address this issue by participating in the LFX mentorship program as a sponsor. Further, the healthy number of OpenSSF TIs can offer a variety of opportunities by offering mentoring by experts in the field. The inaugural OpenSSF Mentorship Program in 2025 was a major success, with both participating projects returning to host mentees for a second year, and former mentees stepping up as project maintainers and co-mentors themselves! The BEAR WG would like to keep this great momentum going in 2026.
Give an idea of what is required to make the funding initiative happen
The participating TIs need to identify concrete contributions that a mentee can accomplish within the 12-week span of the mentorship. A TI may propose more than one mentorship project, if supporting more than one mentee. Each committed TI needs to have at least one available maintainer to serve as mentor in the March-August 2026 timeframe for one or more mentorship projects. We have confirmed commitments from the following TIs:
- Gittuf: 1-2 mentees
- RSTUF: 2-3 mentees
- Minder: 1 mentee
- SBOMit: 1-3 mentees
- Fifth project TBD
What is going to be needed to deliver this funding initiative?
- The Program Administrator:
- Registers project mentors
- Enrolls TIs’ projects into LFX
- Project Mentors:
- Write project summaries (to be reviewed by OpenSSF and LF)
- Review and select mentee applications
- Work with mentees during the 12-week span of the program
- More details on responsibilities for the program administrator and mentors are in the LFX mentorship docs.
Are there tools or tech that still need to be produced to facilitate the funding initiative?
N/A
Give a summary of the requirements that contextualize the costs of the funding initiative
Administrators and project mentors are unpaid volunteers. The requested funds are intended to cover up to eight $6k mentee stipends (irrespective of mentee location).
Who is responsible for doing the work of this funding initiative?
The BEAR WG co-chairs
Who is accountable for doing the work of this funding initiative?
The individual project mentors
If the responsible or accountable parties are no longer available, what is the backup contact or plan?
The Program Admin
What license is this funding initiative being used under?
N/A
Code of Conduct
- I agree to follow the OpenSSF's Code of Conduct
List the major milestones by date and identify the overall timeline within which the technical initiative plans to accomplish their goals. Any payments for services, sponsorships, etc., will require LF Legal and Financial review.
The 2026 OpenSSF Mentorship Program has the following timeline:
- March 2: Mentor signup deadline
- March 5 - March 16: Write project descriptions
- March 16 - March 20: Project description review and revisions
- March 20 - April 12: Mentee application period
- April 13 - April 30: Mentee application review
- May 1: Mentee accept/decline notifications sent
- May 5 - May 29: Mentee onboarding on LFX and project
- June 1 - August 21: 12-week mentorship program
- July 10: First mentee evaluation due
- Aug 28: Final mentee evaluation due
- TBD: Mentee final presentation to the OpenSSF community (late Aug - early Sep)
- Optional: Mentors and Mentees may be interviewed in OpenSSF’s “Whats in the SOSS?” podcast about their experience with mentorship, their projects, and other insights for the community.
If this is a request for funding to issue a contract, then OpenSSF will issue that contract. Please provide a Statement of Work (SOW) that we may review. Any contracting action will take 4-6 weeks to issue.
N/A