Overview
In light of upcoming new EU software regulations, in particular the Cyber Resilience Act (CRA), OpenSSF will host a 60-minute interactive session to simulate a security incident response to achieve a few goals:
- Provide a playbook for maintainers, contributors, and open source consumers to adopt and customize to start running their own Tabletop Exercise (TTX) and improve their incident response and overall security posture.
- Promote closer collaboration among open source maintainers, consumers, public sectors, and private sectors on vulnerability management, intelligence sharing and incident response.
- Provide education for developers who are learning security.
- Demonstrate how current OpenSSF technologies may be helpful during a security incident.
Session attendees will actively engage in the exercise by bringing their expertise in open software security ranging from open source production, distribution, consumption, vulnerability disclosure and management to incident response.
Featured Speakers
-
Dan Appelquist Open Source & Open Standards Strategy Director, Snyk -
Kairo De Araujo Senior Software Engineer – Open Source, TestifySec -
Georg Kunz Open Source Program Manager, Ericsson -
Joshua Lock Distinguished Engineer, Verizon -
Dana Wang serves as the Chief Architect at the Open Source Security Foundation (OpenSSF), where she leads initiatives to improve the security of the open source ecosystems. She was previously a technology executive at JPMorgan Chase. She was instrumental in building and operating the edge network security controls in the public cloud to enable and protect internet facing applications. Her experience spanned cross solutions architecture, application security, building security guardrails, security incident response automation and orchestration, and payment products development. Before joining JPMorgan Chase, she focused on Single Sign On integrations and various portals development at Cigna. Dana is dedicated to making the open source ecosystem more secure and the world safer.
