The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Sign up or log in to add sessions to your schedule and sync them to your phone or calendar.
Uncover valuable insights into how GitHub secures the open-source software we all depend on, with real-world examples from the GitHub Security Lab, which uncovered 1,000+ vulnerabilities and was credited with 700+ CVEs over four years. Securing open-source software is critical because it underpins much of today’s digital infrastructure, and vulnerabilities in widely used components can create significant risks across entire software ecosystems.
This session will provide the latest updates on how GitHub enhances various elements of the Secure Software Development Life Cycle (SSDLC), leveraging the driving forces of Artificial Intelligence (AI), Developer Experience (DevEx), and community collaboration to secure open source. We will explore best practices in software security, including code scanning, secrets hygiene, dependency management, automation, and enhancing security awareness through gamification. The audience will gain a deep understanding of industry-leading initiatives and lessons learned from our experience in today's rapidly changing landscape.
