Approaching Security with Kindness and Compassion
07-17, 13:30–14:00 (Europe/Sarajevo), SA01

Wow it has been a busy time for security vulnerabilities. FOSS4G software is getting caught up in the general push to regulate IT and impose “security” on the technology that powers society.

This talk explores the tensions, expectations, terrors and triumphs on this hot button topic. We will look at a sensible response to Europe's Cyber Resilience Act and how GeoSever and GeoNetwork policies have been updated to address these concerns for developers, participating organizations and members of the public.

This talk unpacks what this can look like for foss4g projects using real world examples.

  • Built around the experience of the GeoServer project, and the resulting security policy and practices that can serve as a template for our foss4g community.
  • Public institutions can attend this talk to learn how their security policies interact with and affect foss4g technologies.
  • Vendors and service providers can learn how open source supply chains affect their products.
  • FOSS4G projects can attend to learn how to approach security reports with compassion, and a bit of boundary setting, to take care of your codebase and community.

Security is difficult with consequences being felt at all levels. Help meet this challenge by supporting yourself and each other.

Indicate what is (are) the open source project(s) essential in your talk

http://geoserver.org
http://geonetwork-opensource.org
https://www.osgeo.org

 Assign a number between 1 and 3 indicating the level of technical complexity of your contribution.

1 - no previous knowledge needed

 Give indication of resources (video, web pages, papers, etc.) to read in advance, that will help get up to speed on advanced topics.

https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act

 Select at least one general theme that best defines your proposal

Business & FOSS4G, FOSS4G at governmental institutions, Community building and participatory FOSS4G

 I make my conference contribution available under the CC BY 4.0 license. The conference contribution comprises the abstract, the text contribution for the conference proceedings, the presentation materials as well as the video recording and live transmission of the presentation – yes
Jody Garnett

Jody Garnett is an open source developer and advocate working with GeoCat Canada. He has over 20 years experience consulting, training, building solutions, and guiding technology development. Jody is on the steering committee for the GeoServer, GeoTools, and JTS Topology Suite projects, and volunteers as chair of the OSGeo Incubation Committee.

This speaker also appears in: