State of Open Con 2025

Delivering software fast is one piece of the deployment puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package managers. With 90% of enterprise companies using open source software in their builds no one is immune to these attacks and now more than ever the community is working hard to create safeguards and tooling to prevent potential attacks. The question then becomes who should you look to for best in class security protocols?

Thankfully the open source community is banding together and foundations like OpenSSF, CNCF and OWASP and companies are working to solve security problems. To help ensure a secure SDLC, these developer focused communities are investing time, energy, money and innovation in projects that provide security solutions. This talk will give a brief overview of some major attacks in the last decade, it will underscore the importance of securing your software supply chain at the source and will highlight a some open source projects that are on the market that are helping to close the security gaps.

In recent years, NIST has published several Special Publications focused on cloud application and network security. These documents provide comprehensive guidance and standards for security best practices. They address cloud security controls, Zero-Trust Architectures, and microservice security, while also examining the security implications of various cloud network topologies.

In this talk, Matt will summarize the key recommendations from these publications and outline practical steps for implementation. He'll also demonstrate how to maintain ongoing compliance with these controls using OSCAL and Lula.

Your models are running, your clusters are purring, and everything seems ready to sail smoothly across the vast seas of AI. Everything’s good, right? Attacks targeting GPUs, especially those aimed at poisoning AI models during training and inference, represent a growing frontier—much discussed but rarely explored.
In this hands-on talk, we’ll dive deep into how GPUs can be attacked and, more importantly, how to defend against these threats. You’ll discover best practices and learn how open-source tools you already know—like Falco, Cilium, and others—can protect your precious models. Get ready for an adventure into the open field of GPU security in AI. See it, Hack It, Sort It.

As our reliance on cloud-native infrastructure grows, so does the complexity of protecting sensitive data in multi-tenant and untrusted environments. This talk explores the core principles of secure isolation and trust boundaries to provide a practical understanding of how these concepts safeguard data during processing, enabling compliance, reducing risk, and building user trust. With a focus on real-world applications and accessible insights, this session demystifies the evolving security landscape and empowers engineers, policymakers, and technologists to collaboratively shape a more secure digital future.

Along with the benefits of AI are newly developed threats it enables. This talk spotlights new threats AI will create in 2025 as well as ways AI can be used to catch malicious activities.

In today’s world, security without tool and information harmonization is impossible.

Sadly and understandably, most security projects excel at doing one thing very well, however this is insufficient for most projects and organizations who need a combination of tooling in order to efficiently implement a cybersecurity strategy.

This is why we built and open-sourced Smithy.

Smithy is a framework/SDK and an optional execution engine that allows practitioners to orchestrate any security tool and translate its information to the popular security results standard OCSF. Translating outputs to OCSF format is not an easy process as the standard can be loose in some parts.

In this talk we will walk the audience through our context, why we built Smithy, how the SDK works and our design decisions. We’ll also talk about how we leveraged protobuf to extend the OCSF format and accelerate our development thanks to its strong types, code generation capabilities and built in versioning.

Further we will show participants what are the supported components, how to create a sample component and of course pitfalls, tips and tricks.

At the end of the talk, participants will be able to orchestrate any security tool that provides an api or some sort of way to gather its results into any cybersecurity programme, for free.