Lightning Talk: Moving Academia Toward Practice Through Accreditation - Justin Cappos

Presenters: Justin Cappos
Source: OpenSource SecurityCon NA 2025

Bridging the Gap: How the Linux Foundation is Future-Proofing Tech Education 🚀

Ever feel like the tech world is moving at warp speed, leaving academia a few steps behind? You’re not alone! Many brilliant minds graduating from universities find themselves facing a curriculum that doesn’t quite align with the cutting-edge skills employers are desperately seeking. This disconnect can be frustrating for students, universities, and the industry alike. But what if there was a way to bridge this gap? ...

November 24, 2025 · 5 min

The Whole Is Greater Than the Sum of Its Parts: A Case for Inte... Hayden Blauzvern & Marcela Melara

Presenters: Hayden Blauzvern, Marcela Melara
Source: OpenSource SecurityCon NA 2025

Taming the Software Supply Chain Chaos: A Journey Towards Interoperability 🤝

The world of software development is a vibrant ecosystem, but when it comes to securing our digital supply chains, things can get a little… messy. We’re drowning in a sea of formats, specifications, and tools, and it’s leaving many of us scratching our heads. But fear not, fellow tech enthusiasts! A recent deep dive, featuring insights from Hayden Blauzvern of Google’s open source security team and Marcela Melara, a researcher at Intel, is charting a course towards clarity and interoperability. 🚀 ...

November 24, 2025 · 6 min

Dirty Dancing - Untrustworthy SLSA Build Provenance - John Kjell, ControlPlane

Presenters: John Kjell
Source: OpenSource SecurityCon NA 2025

Building Trust: Beyond Basic Provenance in Your Software Supply Chain 🚀

In today’s interconnected world, the security of our software supply chain is paramount. We rely on a complex web of dependencies, tools, and build processes, and a single weak link can have devastating consequences. This is why understanding and strengthening build provenance verification is no longer a nice-to-have, but an absolute necessity. We recently had the privilege of diving deep into this critical area with John Kjell, a seasoned consultant at ControlPlane and an active open-source maintainer, as he shed light on the nuances of the Supply-chain Levels for Software Artifacts (SLSA) framework and, more importantly, how to go beyond its standard attestations. ...

November 24, 2025 · 5 min

Panel: Turn Down That Noise: Why the OpenSSF Security Baseline Is Good for Maintainers

Presenters: Christopher Robinson, Jennifer Power, Ben Cotton, Stephen Augustus, Evan Anderson
Source: OpenSource SecurityCon NA 2025

Level Up Your Open Source Security: The OpenSSF Security Baseline Explained 🚀

Ever felt like you’re drowning in security checklists and constant requests for information from downstream users? You’re not alone! The world of open-source development is fantastic, but keeping up with security demands can feel like a monumental task. That’s where the OpenSSF Security Baseline comes in, offering a clear, accessible path to fortify your projects and reduce that ever-present burden. ...

November 24, 2025 · 5 min

Spice Check: Building an E2E SLSA Implementation - Adolfo García Veytia, Carabiner Systems

Presenters: Adolfo García Veytia
Source: OpenSource SecurityCon NA 2025

Building Trust, Byte by Byte: A Deep Dive into SLSA and the AMPEL Policy Engine 🚀

Hey tech enthusiasts! Ever felt that nagging doubt about the security of the software you use, or the code you build? In today’s interconnected digital world, the integrity of our software supply chains is paramount. That’s why the recent talk by Adolfo García of Carabiner Systems at our latest conference was a breath of fresh air, diving deep into SLSA, a powerful security framework for software supply chains, and showcasing how the AMPEL policy engine makes it all come together. ...

November 24, 2025 · 6 min