Where the open-source database community meets: Secure your spot at PerconaLive.com
Back to all talks

Securing Your Software Supply Chain One Open Source Project at a Time

Event: State of Open Con 2025

Location: London, UK

Dates: 4 February 2025 – 5 February 2025

Presentation: 5 February 2025 , 11:30 am

Video: Watch video

Link: On event website

Speaker: Lori Lorusso

Delivering software fast is one piece of the deployment puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package managers. With 90% of enterprise companies using open source software in their builds no one is immune to these attacks and now more than ever the community is working hard to create safeguards and tooling to prevent potential attacks. The question then becomes who should you look to for best in class security protocols? Thankfully the open source community is banding together and foundations like OpenSSF, CNCF and OWASP and companies are working to solve security problems. To help ensure a secure SDLC, these developer focused communities are investing time, energy, money and innovation in projects that provide security solutions. This talk will give a brief overview of some major attacks in the last decade, it will underscore the importance of securing your software supply chain at the source and will highlight a some open source projects that are on the market that are helping to close the security gaps.

Video

Speaker card

Securing Your Software Supply Chain One Open Source Project at a Time

Speakers

Lori Lorusso

Lori Lorusso

Open Source Advocate | Community Organizer | Program Manager | Speaker

Lori Lorusso is the Head of Community at Percona, where she brings developers, database experts, and open-source enthusiasts together. She is passionate about building strong technical communities, driving conversations around database performance, and making open-source knowledge accessible. Outside of work, she enjoys traveling and exploring new cultures.

View full profile ›