"Securing the software supply chain for the public sector" (2026)

Saturday at 17:30, 25 minutes, AW1.120, Building Europe’s Public Digital Infrastructure, Sebastian Kawelke, Frederic Noppe

Attacks on the software supply chain are becoming increasingly common, with attackers using it as a route into critical systems. Such attacks can have serious consequences, particularly in the public sector. In our talk, we will demonstrate how DevGuard, an open-source vulnerability management project, helps ZenDiS find and close vulnerabilities before software is released and delivers a toolchain for hardening base images. DevGuard itself is an OWASP Incubator Project, available via the openCode-DevGuard instance or as 100% open-source software on GitHub for community use.