Loading…
Back To Schedule
Thursday, June 23 • 2:05pm - 2:45pm
Securing Open Source Software - End-to-End, at Massive Scale, Together - Christopher R Robinson, Intel & Anne Bertucio, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Open source software is a significant part of the core infrastructure in most enterprises in most sectors around the world and is foundational to the internet as we know it. It also represents a massive and profoundly valuable attack surface. Each year more lines of source code are created than ever before - and along with them, vulnerabilities. In this presentation, we’ll share key lessons learned in our experience coordinating the industry-wide remediation of some of the most impactful vulnerabilities ever disclosed, present a threat model of the many unmitigated challenges to securing the open source ecosystem, share new data which illustrates just how fragile and interdependent the security our core infrastructure can be, debate the challenges to securing OSS at scale, and speak unspoken truths of coordinated disclosure and where it can fail. We will also discuss the Open Source Security Foundation (OpenSSF) and share guidance for how members of the security community can get involved and contribute meaningfully to improving the security of OSS - especially through coordinated industry-wide efforts.

Speakers
avatar for Anne Bertucio

Anne Bertucio

Senior Program Manager, Google
Anne is a Senior Program Manager in Google’s Open Source Programs Office (OSPO) where she helps teams at Alphabet develop, contribute to, and release open source software. Anne works on strengthening the security practices of open source projects run by Google, helping Googlers... Read More →
CR

Christopher Robinson

Ambassador of Intel Product Assurance and Security, Intel
Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. With 25 years of Enterprise-class engineering, architectural, operational and leadership experience, CRob has worked at several Fortune 500 companies with experience... Read More →


Thursday June 23, 2022 2:05pm - 2:45pm CDT
Brazos (Level 2)