When your organization decides it is time to release part of your codebase as open source software it is important to consider security implications for your internal stakeholders as well as downstream users of your project. After the release of your project to the public, you have a responsibility to actively monitor and maintain your code. In this talk we will explore how to prepare your code and organize your project to ensure that security is baked in from the first release and that you lay the foundation for ensuring all stakeholders remain secure throughout the entirety of the project's lifecycle. Participants will learn how to build and improve their outbound open source security processes with initial and ongoing governance and security processes. We will also discuss planning for responsible disclosure, securing related infrastructure and documentation, as well as end of life and end of support considerations for your open source project. View Sample Policies and Template at: https://github.com/erichgoldman/outbound-open-source-policy