BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Open Source Security Foundation - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Open Source Security Foundation
X-ORIGINAL-URL:https://openssf.org
X-WR-CALDESC:Events for Open Source Security Foundation
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:Asia/Kolkata
BEGIN:STANDARD
TZOFFSETFROM:+0530
TZOFFSETTO:+0530
TZNAME:IST
DTSTART:20250101T000000
END:STANDARD
END:VTIMEZONE
BEGIN:VTIMEZONE
TZID:UTC
BEGIN:STANDARD
TZOFFSETFROM:+0000
TZOFFSETTO:+0000
TZNAME:UTC
DTSTART:20250101T000000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Asia/Kolkata:20260305T140000
DTEND;TZID=Asia/Kolkata:20260305T150000
DTSTAMP:20260516T224209
CREATED:20260223T151357Z
LAST-MODIFIED:20260223T160826Z
UID:10000090-1772719200-1772722800@openssf.org
SUMMARY:Don’t Gawk. Use GUAC Instead.
DESCRIPTION:The definition of “gawk” is “to stare stupidly\, rudely\, or with amazement\, often with an open mouth”. This perfectly captures the reaction that software engineers have when they encounter supply chain security issues. \nLack of transparency is a huge blindside when working with open source tools. This blind spot could blow up into a project black hole — invisible\, resource depleting\, destructive —  if not handled correctly. How do we build situational awareness from this position of incognizance? \nEnter GUAC! A project built by the community and devised to solve the problem of not knowing your software composition. \nWhether you’re an enterprise or just an enterprising indie dev\, this session has something for you. Learn how to make use of GUAC for improving your supply chain security posture. Find out how teams are benefitting from better knowledge of the OSS components in their toolchain. \nGuest Bio \nShreyas Pandya \nStaff software engineer @Guidewire software \nShreyas Pandya is a results-oriented Software Engineer and leader with deep expertise in web application development. He has built web services (microservices)\, APIs\, and has handled scalability\, security\, and cloud infrastructure. Shreyas possesses  experience in working within agile environments and fast-paced startup teams. He currently serves as a Platform Engineer at Guidewire\, where he leads a team of engineers in the delivery of various products. \nDate: 5th March 2026 \nTime: 2 pm IST
URL:https://openssf.org/event/dont-gawk-use-guac/
CATEGORIES:India Initiative
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=UTC:20260311T140000
DTEND;TZID=UTC:20260311T150000
DTSTAMP:20260516T224209
CREATED:20260305T143059Z
LAST-MODIFIED:20260305T143650Z
UID:10000093-1773237600-1773241200@openssf.org
SUMMARY:The Invisible Threat: Secure & Sovereign Digital Backbone
DESCRIPTION:As India’s critical infrastructure shifts from a hardware-heavy setup to “softwarized” environments\, our national security now depends on the integrity of the software supply chain. Join us for an in-depth session with Arpit Tripathi as we move beyond traditional cybersecurity tropes to discuss why the real battlefield isn’t the radio—it’s the interface. \nWe will explore how modern\, cloud-native telecom systems are vulnerable not just to hackers\, but to fundamental modeling failures in Service-Based Interfaces (SBI) and API trust assumptions. \nKey Discussion Points\n\nThe Shift to Softwarization: Why software supply chain security is now a geopolitical imperative.\nBeyond the Radio: Understanding the new attack surfaces in API-driven\, interconnected systems.\nPolicy & Standards: Insights into Standard-Essential Patent (SEP) governance and the role of the TSDSI in India.\nProactive Defense: Why designing security at the interface level is the only way to move from “reacting” to “preventing.”\n\nMeet the Speaker\nArpit Tripathi is a Telecom Engineer and Research Scholar at the Networked and Wireless Systems Lab (IIT Hyderabad). With a unique background spanning both deep technical engineering and public policy\, Arpit’s work focuses on the intersection of open-source security\, telecom infrastructure\, and the doctrinal analysis of tech policy governance in India. \n  \nDate: 11th March 2026 \nTime: 2 PM IST \n 
URL:https://openssf.org/event/india-tech-and-public-policy-critical-infrastructure/
CATEGORIES:India Initiative
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=Asia/Kolkata:20260319T140000
DTEND;TZID=Asia/Kolkata:20260319T150000
DTSTAMP:20260516T224209
CREATED:20260305T091826Z
LAST-MODIFIED:20260309T125439Z
UID:10000092-1773928800-1773932400@openssf.org
SUMMARY:Security In An Open World
DESCRIPTION:Join us on March 19th 2026 for a chat with Abhishek Chauhan\, who leads Sonatype India. \nMillions of software developers trust Sonatype to keep their open source codebases\, libraries\, and dependencies safe. This is one of the oldest companies securing the software supply chain. \nIndia is home to one of the world’s fastest-growing developer communities and is rapidly emerging as a key market for AI-driven software development. The demand for building\, consuming\, and securing code is reaching unprecedented levels as organizations accelerate their adoption of modern technologies. \nAt the same time\, the country continues to produce exceptional engineering talent\, making it a global hub for innovation and technical expertise. Given these factors\, India presents a compelling opportunity for Sonatype to deepen its innovation and talent footprint. \nAnother important topic is the Security Slam event! We will spend a little time talking about what the event is\, what Sonatype aims to achieve\, and how best you can participate in this. \nGuest: Abhishek Chauhan\nSenior Director\, Sonatype \nDate: 19th March 2025\nTime: 2 pm to 3 pm IST
URL:https://openssf.org/event/security-in-an-open-world/
CATEGORIES:India Initiative
END:VEVENT
END:VCALENDAR