Thomas Steenbergen

Head of Open Source Program Office
EPAM Systems

Manage open source, security and SBOMs for your software projects or organization

Security
Wednesday, February 8 • 4:00pm-4:25pm GMT
Churchill, Ground Floor

By the end of this session you should be able to replicate an ORT-based security/license compliance process within your organization, including automating your FOSS policy using Policy as Code, and to save process/review time by using an InnerSource-based review process and re-using FOSS clearance artifacts from the community.

Bio

Thomas is a steering committee member and one of the co-founders/organizers of the European Chapter of the TODO group and co-founder of the OpenChain Automation Work Group, both industry working groups where companies collaborate to address shared open source challenges. He has also been an active contributor to the SPDX ISO specification for over 5 years, helping to better match what developers find in code and to incorporate security (leading the Defects WG). As a core contributor to the OSS Review Toolkit, he enables highly automated open source policy checks in CI/CD by providing easy, open-source and scalable tooling and by sharing results in open standard (SBOM) formats. He is a frequent speaker and panelist at various global open source conferences and is always happy to start a conversation around anything open source.