Aug 24 – 26, 2024
Asia/Kolkata timezone

Open source, check, security, check: A checklist for securing open source projects

Aug 24, 2024, 3:45 PM
20m
Room 2: Breakout

Talk (20 min) Security

Speaker

George-Andrei Iosif
Snap Inc.

Description

Open source software powers much of the technology we use today, from Linux and Kubernetes to Git. However, open source projects often face resource constraints. Contributors typically have limited time and budget to invest, which can lead to a focus only on user-facing features. This can sometimes come at the expense of important but less flashy tasks like security best practices, automated builds, and unit testing.

Our talk, "Open Source Security: Simple Steps for Big Impact," addresses the first challenge. We'll present a clear and actionable checklist that open source maintainers can use to improve the security of their projects, even with limited resources.

Session author's bio

Andrei spent 2022 as a technical leader for a start-up specialising in automating cybersecurity solutions, and as a security engineer in the Romanian Army. After determining that the start-up idea was unviable, he left the public sector and accepted a position at Canonical, working to secure Ubuntu and its open-source components.

Subsequently, he relocated to Switzerland and joined Snap Inc., where he helps make Snapchat a safer platform for our users, free from spam and abuse.

Andrei's current focus is on software security. He has recently contributed to the open-source space and provided advice to start-ups on cybersecurity matters.

Level of Difficulty: Intermediate
In Person Attendance: Remote
Social Media: https://x.com/iosifache and https://infosec.exchange/@iosifache