The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
This schedule is automatically displayed in Central European Summer Time (UTC/GMT +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Software supply chain attacks are on the rise, but what does that really mean for you and your organization? The recently discovered xz backdoor serves as a stark reminder of the potential nightmares lurking in compromised software supply chains. Have you found yourself wondering about incidents like SolarWinds, Log4Shell, and now the xz backdoor, and why they caused such a commotion? If you've been left scratching your head, thinking "Isn't this just an issue for big tech companies?", this session is for you. In this talk, we will explore software supply chain security and explore why it's important for organizations of all sizes. Through real-world case studies, including a deep dive into the xz backdoor, attendees will understand the risks and potential consequences of supply chain attacks. The session will not be all doom and gloom, however. The presenter will introduce attendees to the Open Source Security Foundation (OpenSSF)'s Sigstore project, which is making supply chain security more approachable and accessible.