The majority of OST2 classes are created by volunteers on topics that they are passionate about teaching to others. However, OST2 also seeks Partners, or other entities interested in making classes available freely to the public, to help fund the targeted creation of classes.
The below are topic areas where OST2 may be able to acquire funding towards the creation of classes. Therefore we are posting these Requests for Proposals (RPFs) seeking information from individuals or organizations interested in creating classes in these areas, so that we can engage if funding becomes available.
To submit content that you'd like considered for an RFP, please email the following information to rfp@ost2.fyi:
Course syllabus
Instructors' names & biographies
Whether the course would be created new or has been delivered in the past
If delivered in the past, in what venues
If new, approximately how long it would take to create
Trusted Computing
The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define, and promote open, vendor-neutral, global industry specifications and standards that form the backbone of the theory of trusted computing.
We are seeking classes on how to use TCG technologies such as:
Instructors should be familiar with the existing Trusted Computing content, and ensure that their classes utilizes them as prerequisites where appropriate.
If you have or would like to make class content in these areas, please respond to the RFP email above.
Critical Information Security Controls
The Center For Internet Security (CIS) is a non-profit which publishes the CIS Critical Security Controls (CIS Controls), which provide a prioritized view of what organizations need to be focusing on for securing their environments. OST2 is seeking classes to teach the CIS Controls, which are:
Inventory and Control of Enterprise Assets
Inventory and Control of Software Assets
Data Protection
Secure Configuration of Enterprise Assets and Software
Account Management
Access Control Management
Continuous Vulnerability Management
Audit Log Management
Email and Web Browser Protections
Malware Defenses
Data Recovery
Network Infrastructure Management
Network Monitoring and Defense
Security Awareness and Skills Training
Service Provider Management
Application Software Security
Incident Response Management
Penetration Testing
Classes would ideally be focused on the overall CIS Controls, and recommended safeguards, procedures, and tools.
If you have or would like to make class content in these areas, please respond to the RFP email above.
Other System Security Topics
We are also seeking proposals for additional classes in the following areas:
Real-Time Operating Systems (RTOS) Internals
FreeRTOS
ThreadX
Zephyr
Android Security Assessment
ARM OS Internals
ARM Trusted Execution Environments (TEEs)
ARM Trusted Firmware (TF-A/M)
ARM Confidential Compute Architecture (CCA)
If you have or would like to make class content in these areas, please respond to the RFP email above.