Loading…
Open Source Summit North America 2023
Timezone
Attending this event?
May 10-12, 2023
Vancouver, British Columbia, Canada + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Thursday, May 11 • 11:00am - 11:40am
Panel Discussion: Open Source Supply Chain Security - Are Containers the Biggest Blind Spot? - Lisa-Marie Namphy, CockroachDB; Liz Rice, Isovalent; Josh Bressers, Anchore; Ayse Kaya, Slim.AI

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Supply chain security has taken center stage recently due to zero day attacks such as typosquatting, and hijacking introduced via third-party ecosystems. Publicly facing open source resources and containers are not immune to such attacks, on the contrary, they may be one of the biggest blind spots we have. It has become clear that software supply chain can quickly become the weakest link in our security ecosystem, and containers are particularly problematic due to their popularity in developer workflows, where oftentimes developer velocity and updates lag behind the speed at which container vulnerabilities are introduced. Join container security industry experts Liz Rice, Ayse Kaya and Josh Bressers with Lisa-Marie Namphy moderating, as they unpack security fractals, SBOMs, the container security landscape and everything else open source developers should be concerned about when leveraging publicly facing resources in today's modern engineering toolchains. Join with questions and you'll come away from this session with good practices and tips for managing your open source supply chain hygiene.
Speakers
avatar for Josh Bressers

Josh Bressers

VP of Security, Anchore
Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Josh is a member of the OpenSSF Technical Council and co-hosts the Open Source Security Podcast and the Hacker... Read More →
avatar for Lisa-Marie Namphy

Lisa-Marie Namphy

Head of Developer Relations, CockroachDB
Lisa is a developer advocate and community architect, and a CNCF Ambassador with 20+ years of experience primarily at Cloud Native, Analytics, and Enterprise Software companies and start-ups. Lisa organizes and runs the SF Bay Cloud Native Containers User Group (one of the world’s... Read More →
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in... Read More →
avatar for Ayse Kaya

Ayse Kaya

Senior Director of Strategy and Analytics, Slim.AI
Ayse Kaya is the Senior Director of Strategy and Analytics at Slim.AI. She is an accredited data scientist and container enthusiast. A graduate of the MIT Sloan School of Management's Operations Research Center, Kaya was previously a strategy and analytics lead at CloudLock and Cisco... Read More →

Thursday May 11, 2023 11:00am - 11:40am PDT
122 (Level 1)
  SupplyChainSecurityCon, Ensuring users know what Software Components Included
Feedback form isn't open yet.