You are invited to attend North American DevOps Group’s next event in the Boston Metro area!
NADOG Presents – DevOps and Hops
Guest Speaker - Brian Fox, CTO Sonatype
"Open Source Developers Are Security’s New Front Line" (abstract below)
Networking with your local peers
Beer, soft drinks, food
Free, courtesy of our sponsors!
Read more about NADOG here: www.nadevops.com
NOTE, NADOG events are designed for IT practitioners and their leadership only. Sales reps, recruiters, etc., please contact NADOG regarding sponsorship opportunities, firstname.lastname@example.org.
"Open Source Developers Are Security’s New Front Line"
Over the last five years, a shifting battlefield of attacks based on OSS consumption has emerged. Attackers effectively have a first-mover advantage based on responsible disclosures.
It’s become clear that we are in the middle of a systematic attack on the social trust and infrastructure used to distribute open source. In just a few years, we’ve gone from attacks on pre-existing vulnerabilities occurring months after a disclosure down to two days - and now, we are at the point where attackers are directly hijacking publisher credentials and distributing malicious components.
Open source developers are the front line of the new battle. We must not let them ruin the reputation of the things we’ve built. In this session, Brian Fox, a 20-year open source developer, core contributor to Maven and CTO of Sonatype, will:
Analyze and detail the events leading to today’s “all-out” attack on the OSS industry
Define what the future of open source looks like in today’s new normal
Outline how developers can step into the role of security, to protect themselves, and the millions of people depending on them