DevOps

Presenters Hannah Foxwell Justin Cormack Sal Kimmich Erika Heidi Josh Bressers Source OpenSource SecurityCon 2026 Navigating the Storm: Practical Strategies for Modern Supply Chain Security 🛡️ The digital landscape is a battlefield, and the supply chain is the new frontier. From the chilling lyrics of a song about relentless attacks to the serious discussions of industry leaders, one thing is clear: the threat to our software supply chains is real, it’s evolving, and we need practical strategies to defend ourselves. This panel brought together some brilliant minds to tackle this critical issue, and here’s a breakdown of their insights. ...

Presenters Marina Moore Alex Zenla Source OpenSource SecurityCon 2026 The Unseen Dangers in Open Source: A Deep Dive into a Critical Tar Bug 🐛💻 Hey tech enthusiasts! 👋 Ever wonder what lurks beneath the surface of the open-source software you use every day? Today, we’re diving deep into a fascinating, albeit slightly terrifying, bug that Marina Moore (Head of Research at Ada) and Alex Zenla (CTO of Ada) stumbled upon. This isn’t just about a single bug; it’s a journey into the intricate world of software supply chain security, the complexities of open-source ecosystems, and the often-overlooked responsibilities of project maintainers. 🚀 ...

Presenters Yongjae Chung Justin Cappos Source OpenSource SecurityCon 2026 🛡️ Beyond the Green Checkmark: Securing Source Code with git-tough Source code serves as the foundation of our digital world, yet it remains an ideal target for attackers. We often trust the platforms where we host our code, but what happens when that trust is misplaced? At a recent tech talk, Justin Cappos (creator of TUF and in-toto) and Yongjae Chung (Master’s student and contributor) introduced git-tough, an incubating project under the OpenSSF designed to bring industrial-grade security directly into your Git workflow. ...

Presenters Lori Lorusso Rust Foundation Source OpenSource SecurityCon 2026 🦀 Strength in Numbers: How Cross-Ecosystem Collaboration Saved Rust from a Fishing Attack In the world of open-source, we often talk about code, compilers, and performance. But what happens when the biggest threat isn’t a bug in the software, but a trap for the humans behind it? Lori Lorusso, Director of Outreach for the Rust Foundation, recently shared a compelling case study on how a “super team” of foundations joined forces to thwart a sophisticated phishing campaign. ...

Presenters Lin Sun Solo.io Yi Yang IBM Source OpenSource SecurityCon 2026 🔐 Secure Your AI: Mastering MCP Server Security with OAuth, JWT, and Spiffe Welcome to Amsterdam! 🇳🇱 At the recent conference, Lin Sun (Head of Open Source at Solo.io) and Yi Yang (IBM) took the stage to tackle one of the most pressing challenges in the burgeoning world of AI agents: How do we move Model Context Protocol (MCP) servers from local experiments to secure, production-ready Kubernetes deployments? ...