Join our first Tech Talk of 2024, where organizations will discuss the importance of adopting OpenSSF Scorecard.
OpenSSF Scorecard helps open source maintainers improve their security best practices and helps consumers judge whether their dependencies are safe.
Discover the essence of the OpenSSF Scorecard and its pivotal role in fortifying the open source landscape. Gain invaluable insights from organizations at the forefront of implementing OpenSSF Scorecard as they share their experiences and best practices. A moderated discussion will explore their experiences, challenges, and successes in adopting OpenSSF Scorecard.
The Tech Talk will discuss:
- What is OpenSSF Scorecard and its significance?
- What are organizations’ experiences and impacts using Scorecard?
- How can your organization implement OpenSSF Scorecard?
- What can we look forward to in the future?
Bring your questions about OpenSSF Scorecard and securing open source software as we explore how to build a stronger, more resilient open source community.
Mark your calendar
What: OpenSSF Tech Talk
Topic: Building a Stronger Open Source Ecosystem: OpenSSF Scorecard
Date: March 13, 2024
Time: 10 AM PST
Duration: 1 hour
Location: Virtual
Cost: Free!
Meet our Speakers
Panelists:
Chris Swan – Engineer, Atsign
Laurent Simon – Security Engineer, Google
Melba Lopez – Senior Technical Staff Member (STSM), IBM
Moderator:
Caroline Lee – Security Engineer, IBM
Caroline Lee, Security Engineer, IBM: Caroline is based out of Boston, Massachusetts, and works as a Security Engineer at IBM in CISO Remediation. She holds a Masters in Computer Science with a Specialization in Cybersecurity. Previously, she has worked on CICD, Application Security, and Cloud Security initiatives in the government sector. She is currently involved in projects in Application Security, DevSecOps, and more.
Chris Swan – Engineer, Atsign: Chris Swan is an Engineer at Atsign, building the atPlatform, a Networking 2.0 technology that is putting people in control of their data and removing the frictions and surveillance associated with today’s Internet. He was previously a Fellow at DXC Technology where he held various CTO roles. Before that he held CTO and Director of R&D roles at Cohesive Networks, UBS, Capital SCF and Credit Suisse, where he worked on app servers, compute grids, security, mobile, cloud, networking and containers. Chris is an InfoQ Editor writing about cloud, DevOps and security, he co-hosts the Tech Debt Burndown Podcast and is a Dart Google Developer Expert (GDE).
Laurent Simon – Security Engineer, Google: Laurent is a security engineer in the Open Source Security Team (GOSST) at Google. His team works in collaboration with the open-source community and the OpenSSF on novel security solutions, such as Scorecards, Allstar, Sigstore, SLSA, OSS-Fuzz, OSV, etc.
Melba Lopez – Senior Technical Staff Member (STSM), IBM: Melba Lopez is a seasoned cybersecurity professional currently serving as a Senior Technical Staff Member (STSM) at the IBM Office of CISO. With a primary focus on the strategy and delivery of enterprise software supply chain security, Melba plays a pivotal role in safeguarding critical assets against emerging supply chain threats. In addition to her role at IBM, Melba is deeply involved in industry initiatives aimed at fortifying software supply chains. She serves as an OWASP Dependency Track maintainer, demonstrating her commitment to advancing open-source security solutions. Previously, she held leadership positions within the Open Source Security Foundation (OpenSSF), including co-lead of the Supply Chain Integrity Working Group and Lead of the Positioning Special Interest Group. Melba’s expertise spans over 18 years, covering a diverse range of domains such as application development, cloud computing, networking, and security. Her multidisciplinary background equips her with a comprehensive understanding of the intricate landscape of cybersecurity challenges. With a Master’s degree in Cybersecurity & Information Assurance, Melba is passionate about leveraging her knowledge and experience to drive impactful changes in the cybersecurity ecosystem.
Register Now
Secure your spot at the Scorecard Tech Talk! Join us to explore Scorecard and the vital topic of securing open source software through practical perspectives and engaging discussions. Register here.