Artificial Intelligence

Presenters Adolfo Garcia Jun (Victor) Lu Source OpenSource SecurityCon NA 2025 Securing the Future: Building Trust in AI with SBOMs and Model Signing 🛡️✨ The AI revolution is here, and with it comes an exciting wave of innovation. But as we harness the power of artificial intelligence, a critical question arises: how do we ensure it’s secure and trustworthy? That’s precisely the challenge the tech world is tackling head-on, and at a recent conference, the conversation around AI governance and security took center stage. Get ready, because we’re diving deep into how we can build a more secure AI future, one component at a time! 🚀 ...

Presenters Jack Cable Source OpenSource SecurityCon NA 2025 Securing the Digital Foundation: How Policy and AI are Reshaping Open Source Security 🚀 Hey tech enthusiasts! Ever stopped to think about the invisible scaffolding that holds up so much of our digital world? That’s right, we’re talking about open-source software (OSS). And as the digital landscape evolves at lightning speed, so too must our approach to securing this vital foundation. Jack Cable, co-founder and CEO of Corridor, recently shared some fascinating insights on how government policy and the rise of AI are dramatically changing the game for OSS security. Let’s dive in! 🌊 ...

Presenters Juanita Gomez Source OpenSource SecurityCon NA 2025 Unveiling the Security Secrets of Academic Open Source 🛡️: A Deep Dive into UC System Projects Ever wondered about the security of the open source projects born from our academic institutions? Juanita, a PhD candidate at UC Santa Cruz and a dedicated Python community member, recently pulled back the curtain on the open source landscape within the University of California (UC) system. Her groundbreaking research reveals a picture that’s both fascinating and, frankly, a little concerning when it comes to security best practices. Let’s dive into what she discovered! 🚀 ...

Presenters Billy Lynch Source OpenSource SecurityCon NA 2025 Where Do Your Source Attestations Live? Navigating the Labyrinth of Metadata 🗺️ Hey tech enthusiasts! Ever felt like you’re drowning in a sea of metadata, wondering where exactly to stash those crucial source attestations? You’re not alone! At a recent lightning talk, Billy Lynch from Chain Guard dove deep into this very question, exploring strategies for storing and discovering these vital pieces of information. Let’s break down the key takeaways and ponder the future of source attestation storage. 💡 ...

Presenters Pavel Shukhman Source OpenSource SecurityCon NA 2025 Demystifying the Software Supply Chain: Your Guide to the Transparency Exchange API 🚀 Ever felt like you’re playing a guessing game when it comes to the “ingredients” in your software? You’re not alone! In today’s complex digital world, understanding what goes into our products isn’t just good practice; it’s becoming a necessity, especially with new regulations like the EU CRA on the horizon. This is where the revolutionary Transparency Exchange API (TX API) steps in, promising to transform how we manage and share Software Bills of Materials (SBOMs). ...