Lightning Talk: A Supply Chain Security View of OpenSearch - Ram Iyengar, Linux Foundation

Presenters: Ram Iyengar
Source: OpenSource SecurityCon 2026

Strengthening Open Source Security: A Look at OpenSearch’s Journey 🚀

Hey tech enthusiasts! 👋 It’s your favorite blogger here, diving deep into the crucial world of open source security. Today, we’re dissecting the efforts of a prominent project, OpenSearch, and exploring how we can all contribute to a more secure digital ecosystem.

The “Finger in the Dike” Analogy: A Developer’s Reality 🤏

We’ve all heard the classic tale of the little boy with his finger in the dike, preventing a flood. In the open source world, many developers find themselves in a similar, albeit digital, predicament. They’re often the first line of defense, patching vulnerabilities and ensuring the stability of projects while juggling feature development and community demands. This constant “plugging the holes” can be exhausting and, frankly, unsustainable. ...

March 24, 2026 · 4 min

Open Source SecurityCon | Sponsored Keynote: From Packets to Pods: Lessons from 25... Gerald Combs

Presenters: Gerald Combs
Source: OpenSource SecurityCon 2026

The Magic of Open Source: Building Communities That Matter ✨

Hey tech enthusiasts! 👋 Ever wondered what makes open-source projects like Wireshark and Falco tick? Gerald Combs, the brilliant mind behind Wireshark and a key contributor to Falco, recently shared some incredible insights into nurturing these vital communities. It’s not just about code; it’s about people, purpose, and progress. Let’s dive into what makes these projects, and by extension, the systems they power, so robust and reliable. ...

March 24, 2026 · 3 min

Panel: It’s Not If, It’s When - Practical Preparation for the Next Software Supply Chain Attack

Presenters: Hannah Foxwell, Justin Cormack, Sal Kimmich, Erika Heidi, Josh Bressers
Source: OpenSource SecurityCon 2026

Navigating the Storm: Practical Strategies for Modern Supply Chain Security 🛡️

The digital landscape is a battlefield, and the supply chain is the new frontier. From the chilling lyrics of a song about relentless attacks to the serious discussions of industry leaders, one thing is clear: the threat to our software supply chains is real, it’s evolving, and we need practical strategies to defend ourselves. This panel brought together some brilliant minds to tackle this critical issue, and here’s a breakdown of their insights. ...

March 24, 2026 · 5 min

Tarmageddon: One Bug, Four Forks, and a Disclosure Scavenger Hunt - Marina Moore & Alex Zenla, Edera

Presenters: Marina Moore, Alex Zenla
Source: OpenSource SecurityCon 2026

The Unseen Dangers in Open Source: A Deep Dive into a Critical Tar Bug 🐛💻

Hey tech enthusiasts! 👋 Ever wonder what lurks beneath the surface of the open-source software you use every day? Today, we’re diving deep into a fascinating, albeit slightly terrifying, bug that Marina Moore (Head of Research at Edera) and Alex Zenla (CTO of Edera) stumbled upon. This isn’t just about a single bug; it’s a journey into the intricate world of software supply chain security, the complexities of open-source ecosystems, and the often-overlooked responsibilities of project maintainers. 🚀 ...

March 24, 2026 · 7 min

Thinking About Source Code Security in New Ways - Yongjae Chung & Justin Cappos, New York University

Presenters: Yongjae Chung, Justin Cappos
Source: OpenSource SecurityCon 2026

🛡️ Beyond the Green Checkmark: Securing Source Code with gittuf

Source code serves as the foundation of our digital world, yet it remains an ideal target for attackers. We often trust the platforms where we host our code, but what happens when that trust is misplaced? At a recent tech talk, Justin Cappos (creator of TUF and in-toto) and Yongjae Chung (Master’s student and contributor) introduced gittuf, an incubating project under the OpenSSF designed to bring industrial-grade security directly into your Git workflow. ...

March 24, 2026 · 5 min