Security

Presenters Helen Woeste Source OpenSource SecurityCon NA 2025 Beyond the Bake-Off: Crafting Thriving Open Source Communities 🚀 Ever dreamt of building a bustling, engaged open source community? It might sound like a daunting task, but what if we told you the secret sauce is surprisingly similar to what goes into a perfect Victoria sponge? Helen Wuesty from the Open Source Technology Improvement Fund (OSTIF) shared some brilliant insights at a recent tech conference, drawing a delightful parallel to the beloved Great British Bake Off. Her “recipe” is all about moving beyond just existing to actively cultivating advocates and fostering deep, meaningful engagement. ...

Presenters Anjali Telang Source OpenSource SecurityCon NA 2025 🚀 Revolutionizing Workload Identity: Your Guide to Production-Ready SPIFFE and SPIRE In the ever-evolving landscape of cloud-native computing, securing what your applications are is just as critical as securing where they are. Gone are the days when network perimeters were enough. Today, workloads, just like users, need verifiable identities. Enter SPIFFE and SPIRE, two CNCF-graduated projects that are set to become the bedrock of your zero-trust strategy. Anjali Tang, a Product Manager for OpenShift specializing in identity and access control, recently shared her deep dive into making these powerful tools production-ready, and we’re here to break it down for you! ✨ ...

Presenters Adrian Mouat Cat Morris Gaurav Saxena Marcus Eagan Alex Zenla Source OpenSource SecurityCon NA 2025 Balancing the Scales: Developer Freedom vs. Security in the Age of Rapid Innovation 🚀 In today’s fast-paced tech world, the buzz around rapid innovation, especially with technologies like containers, is palpable. Developers are empowered to move at lightning speed, achieving feats previously unimaginable. But with this incredible agility comes a perennial challenge: how do we keep our systems secure without stifling that crucial developer freedom? This is the central question that sparked a fascinating discussion at a recent tech conference, and it’s one that resonates deeply with every engineering team out there. ...

Presenters Frederick Kautz Source OpenSource SecurityCon NA 2025 Navigating the Frontier: Building Secure Agentic Systems with Safe MCP 🚀 The world of AI is moving at lightning speed, and with the rise of powerful Large Language Models (LLMs) and their ever-expanding toolkits, comes a new frontier of security challenges. How do we ensure these intelligent agents are not only innovative but also safe? This is where Safe MCP steps in, offering a structured and comprehensive approach to mapping risks, threats, and mitigations for these complex systems. ...

Presenters Evan Anderson Source OpenSource SecurityCon NA 2025 Level Up Your Open Source Security: Introducing the OpenSSF Security Baseline 🚀 The world of technology is buzzing with innovation, but with great power comes great responsibility – especially when it comes to security! In today’s digital landscape, keeping our software secure isn’t just a good idea; it’s becoming a legal imperative. And when it comes to the open source projects that form the backbone of so much of our digital infrastructure, ensuring their health and security is a collective mission. That’s where the OpenSSF Security Baseline steps in, offering a guiding light for a more robust and sustainable open source future. ✨ ...