Open Source has radically expanded in the last decade to become the de facto source of functional code for critical infrastructure across the globe. Looking towards the next decade, we must have a plan for how we intend to regulate, protect and sustain the supply chain of open source software that we depend on as nations, as corporations, and as citizens. In this talk we will detangle the interaction of coding language, development ecosystems, and security surface area – and what we will need to do to ensure that open source is secure by 2030. You’ll leave this talk with an understanding of the current security landscape, the gaps we must address, and what open source can look like if we take security seriously at a global scale.
Sal is the Director of Open Source, AI and DevSecOps at Escher Cloud and is passionate about helping engineers, ethical hackers and digital enthusiasts understand the complexity of modern software development. With over a decade of experience building cloud-native machine learning pipelines in the healthcare and tech for good sectors, their work is now focused on filling the cracks in the open source software supply chain to build a better digital future for all of us. By day, you’ll find Sal working with site reliability engineers, DevOps and cybersecurity specialists to implement the best tools and practices to remove toil from developer workflows. By night, you’ll find Sal mentoring the next generation of engineers in cloud computing from around the globe, helping them to make the world a better place through the clever use of math.