Artificial Intelligence

Presenters Kevin Conner Firas Ghanmi Source OpenSource SecurityCon 2026 Quantum-Proofing Sigstore: Three Bold Approaches to Secure Our Software Supply Chain 🚀 The digital world runs on trust, and in the realm of software, that trust increasingly relies on robust supply chain security. Sigstore stands as a critical pillar, ensuring the integrity and authenticity of software artifacts. But what happens when the very foundations of our cryptographic security are threatened? Enter quantum computing – a game-changer that could render today’s most secure algorithms obsolete. ...

Presenters Madalin Neag Source OpenSource SecurityCon 2026 Navigating the Global Compliance Maze: How OpenSSF OSPO’s Baseline Simplifies Security for Open Source 🌐🛡️ The world of open source software is a vibrant, collaborative engine powering critical infrastructure across the globe. From finance and healthcare to transportation and energy, open source projects are the unsung heroes. But as these projects grow in importance, so does the scrutiny they face, particularly regarding security and compliance. Madalin Neag, an EU Policy Advisor at OpenSSF, sheds light on the increasingly complex regulatory landscape and introduces a powerful solution: the OpenSSF OSPO’s Baseline. ...

Presenters Georg Kunz Jan Melen Source OpenSource SecurityCon 2026 Navigating the Cyber Resilience Act (CRA): Why Upstream Collaboration is Your Secret Weapon 🛡️🤝 The digital world is evolving at lightning speed, and with it, the complexities of securing our software supply chains. Enter the Cyber Resilience Act (CRA), a formidable new regulation poised to reshape how software manufacturers operate. But what if this challenge isn’t just a hurdle, but a golden opportunity? ...

Presenters Thijs Ebbers Tadeo Sanchez Source OpenSource SecurityCon 2026 🛡️ Beyond Zero Trust: How ING Achieves Zero Breaches with Zero Privilege Architecture Imagine a world where production environments run autonomously, human error is designed out of the system, and security breaches simply don’t happen. For the team at ING, this isn’t a pipe dream—it is their daily reality. In a recent deep dive, Thijs Ebbers (Architect) and Tadeo Sanchez (Lead Engineer) shared the secrets behind their container hosting platform’s success. The numbers speak for themselves: zero security breaches and 100% uptime. 🚀 ...

Presenters Andrew McNamara Adolfo García Veytia Source OpenSource SecurityCon 2026 Level Up Your Software Supply Chain: Policy Engines for Attestations and Provenance 🚀 Hey tech enthusiasts! 👋 Ever feel like generating software attestations and provenance is the easy part, but actually using that valuable data feels like a black box? You’re not alone! Andrew McNamara from Red Hat and Adolfo García Veytia (aka “puerco”) from the Kubernetes release engineering team are here to demystify this crucial step. They’re showcasing how policy engines can transform your attestations and provenance into actionable, automated decisions for a more secure software supply chain. ...