Open Source SecurityCon | Sponsored Keynote: From Packets to Pods: Lessons from 25... Gerald Combs

Presenters Gerald Combs Source OpenSource SecurityCon 2026 The Magic of Open Source: Building Communities That Matter ✨ Hey tech enthusiasts! 👋 Ever wondered what makes open-source projects like Wireshark and Falco tick? Gerald Combs, the brilliant mind behind Wireshark and a key contributor to Falco, recently shared some incredible insights into nurturing these vital communities. It’s not just about code; it’s about people, purpose, and progress. Let’s dive into what makes these projects, and by extension, the systems they power, so robust and reliable. ...

March 24, 2026 · 3 min

Panel: It’s Not If, It’s When - Practical Preparation for the Next Software Supply Chain Attack

Presenters Hannah Foxwell Justin Cormack Sal Kimmich Erika Heidi Josh Bressers Source OpenSource SecurityCon 2026 Navigating the Storm: Practical Strategies for Modern Supply Chain Security 🛡️ The digital landscape is a battlefield, and the supply chain is the new frontier. From the chilling lyrics of a song about relentless attacks to the serious discussions of industry leaders, one thing is clear: the threat to our software supply chains is real, it’s evolving, and we need practical strategies to defend ourselves. This panel brought together some brilliant minds to tackle this critical issue, and here’s a breakdown of their insights. ...

March 24, 2026 · 5 min

Tarmageddon: One Bug, Four Forks, and a Disclosure Scavenger Hunt - Marina Moore & Alex Zenla, Edera

Presenters Marina Moore Alex Zenla Source OpenSource SecurityCon 2026 The Unseen Dangers in Open Source: A Deep Dive into a Critical Tar Bug 🐛💻 Hey tech enthusiasts! 👋 Ever wonder what lurks beneath the surface of the open-source software you use every day? Today, we’re diving deep into a fascinating, albeit slightly terrifying, bug that Marina Moore (Head of Research at Ada) and Alex Zenla (CTO of Ada) stumbled upon. This isn’t just about a single bug; it’s a journey into the intricate world of software supply chain security, the complexities of open-source ecosystems, and the often-overlooked responsibilities of project maintainers. 🚀 ...

March 24, 2026 · 7 min

Thinking About Source Code Security in New Ways - Yongjae Chung & Justin Cappos, New York University

Presenters Yongjae Chung Justin Cappos Source OpenSource SecurityCon 2026 🛡️ Beyond the Green Checkmark: Securing Source Code with git-tough Source code serves as the foundation of our digital world, yet it remains an ideal target for attackers. We often trust the platforms where we host our code, but what happens when that trust is misplaced? At a recent tech talk, Justin Cappos (creator of TUF and in-toto) and Yongjae Chung (Master’s student and contributor) introduced git-tough, an incubating project under the OpenSSF designed to bring industrial-grade security directly into your Git workflow. ...

March 24, 2026 · 5 min

Lightning Talk: A Case Study in Cross-Ecosystem Security Response - Lori Lorusso, Rust Foundation

Presenters Lori Lorusso Rust Foundation Source OpenSource SecurityCon 2026 🦀 Strength in Numbers: How Cross-Ecosystem Collaboration Saved Rust from a Fishing Attack In the world of open-source, we often talk about code, compilers, and performance. But what happens when the biggest threat isn’t a bug in the software, but a trap for the humans behind it? Lori Lorusso, Director of Outreach for the Rust Foundation, recently shared a compelling case study on how a “super team” of foundations joined forces to thwart a sophisticated phishing campaign. ...

March 24, 2026 · 4 min