Events

Join us in Minneapolis, Minnesota in May 2026 for an OpenSSF community gathering! OpenSSF Community Days bring together a vibrant community from across the Security and Open Source ecosystems to share ideas and progress on capabilities that make it easier to sustainably secure the development, maintenance, and consumption of the software. These events, held regionally and co-located with Open Source Summits, offer an opportunity to engage with the brightest minds in security for a day of collaboration and innovation in software security best practices. As a home for tools, standards, and education, OpenSSF provides attendees the chance to explore these resources, share their experiences, and contribute to a safer and more secure digital world.

The landscape of global regulations around Software Bill of Materials (SBOM) and OSS compliance is changing rapidly. This webinar offers a high-level exploration of the latest requirements and practical challenges, focusing on the US, Indian, and European contexts. Our expert presenters will demystify the CISA minimum SBOM elements, explain why usage information is increasingly vital for license compliance, and discuss the complexities of providing end-of-life data for open source and commercial components.

Attendees will gain insights into how Indian CERT-In and European Cyber Resilience Act (CRA) regulations are shaping supplier obligations, and how these changes impact US organizations working internationally. The session will highlight real-world strategies for managing support windows, responding to customer demands, and preparing for audits, whether you’re dealing with open source projects or commercial software.

Join us for a comprehensive “regulations roundup” that brings together perspectives from multiple regions, clarifies what’s mandated now, and offers practical advice for staying compliant and competitive in a global market.

Register here.

Beyond the Scan: How Leaders Use SBOMs to Manage Open Source Risk
Description

Attendees will learn how to turn SBOMs and open-source audits into practical decision-making tools rather than compliance checklists. The session shows how to translate technical findings such as CVEs, license issues, and abandoned dependencies into business, legal, and regulatory risk that executives can act on. Participants will gain frameworks for prioritizing risk, communicating clearly with leadership, and building lightweight governance and reporting processes that improve security outcomes without slowing delivery.

Speaker: Marcus Lucero

The RSAC 2026 Conference will take place from March 23–26, 2026, at the Moscone Center in San Francisco, CA. Under the theme “The Power of Community,” the event focuses on cybersecurity, innovation, and collaboration among industry professionals, featuring highlights such as the Innovation Sandbox, interactive Villages, and keynote presentations from industry leaders.