The 2026 OpenSSF Community Day North America agenda is live, and we invite the open source community to join us on Thursday, May 21, in Minneapolis, MN. Co-located with Open Source Summit North America, this event will serve as a collaborative space for maintainers, security researchers, and industry leaders to discuss the state and future of software supply chain security.Â
This year’s agenda will feature a balance of technical deep dives into SBOMs and digital signatures alongside forward-looking discussions on post-quantum cryptography and AI-driven remediation.There will be much to discuss during the event. Here’s what you’ll find on the schedule:
Keynote Sessions and Morning Programming
The day will begin with Opening Remarks from Steve Fernandez, OpenSSF General Manager, welcoming everybody and sharing exciting news and things you do not want to miss from the OpenSSF community.
“Trusted Publishing: Eliminating Credentials From Your Release Workflow”, Mike Fiedler, Python Software Foundation, will provide a technical look at reducing the reliance on long-lived secrets in the release process.
“BEAR-ing Fruit: A Year of Learning, Mentorship, and Community Building in Open Source Security”, Marcela Melara, BEAR Working Group & Yesenia Yser, Microsoft. Yesenia will offer a retrospective on a year of security mentorship and the growth of the open source security community.
“The Architecture of Accountability: Transparency in Software”, Hayden Blauzvern, Google. Hear from Hayden as this session will examine the structural requirements for maintaining transparency in software ecosystems.
Following the morning break, sessions will shift toward Governance, Risk, and Compliance (GRC) and repository automation.
“Gemara: The GRC Architecture You Didn’t Know You Built”, Hannah Braswell & Jennifer Power, Red Hat; and Eddie Knight — This talk will explore existing architectural patterns that support governance and compliance.
Supply Chain Transparency and Artifact Security
The afternoon sessions will provide deep dives into Software Bills of Materials (SBOMs), digital signatures, and vulnerability management.
“Petra: SBOMs Without Oversharing for Confidential Supply Chain Transparency”, Eman Abu Ishgair, Purdue University & Marcela Melara, BEAR Working Group This presentation will cover methods for sharing SBOM data without compromising sensitive information.
“Verification Toward Applying SLSA in Automotive IVI Software Development”, Yuta Kiyoumi & Takashi Ninjouji, Honda Motor Co., Ltd. This talk will focus on the application of SLSA frameworks within the automotive software sector.
Emerging Technologies: AI and Quantum Readiness
The final block of the day will explore how security must evolve to meet the challenges of artificial intelligence and quantum computing.
“Quantum Proofing Sigstore: A Tale of Three Approaches”, Kevin Conner, Red Hat. The session will detail strategies for preparing Sigstore for a post-quantum cryptographic landscape.
“AI as Security Orchestrator: An Introduction To Darnit”, Michael Lieberman, Kusari. This talk will introduce Darnit and its role in AI-driven security orchestration.
Join Us in Minneapolis!
The OpenSSF Community Day North America 2026 offers a vital opportunity to engage with the most pressing challenges and promising solutions in software supply chain security. From securing release workflows and enforcing community baselines to exploring the future of AI-driven remediation and quantum-safe signatures, the agenda is packed with actionable insights and forward-looking discussions. Don’t miss this chance to collaborate with the open source security community. View the full schedule and register now to secure your spot and help shape the future of secure software development.