BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Open Source Security Foundation - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://openssf.org
X-WR-CALDESC:Events for Open Source Security Foundation
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:Asia/Kolkata
BEGIN:STANDARD
TZOFFSETFROM:+0530
TZOFFSETTO:+0530
TZNAME:IST
DTSTART:20250101T000000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Asia/Kolkata:20260409T180000
DTEND;TZID=Asia/Kolkata:20260409T190000
DTSTAMP:20260427T212523
CREATED:20260403T151238Z
LAST-MODIFIED:20260408T065506Z
UID:10000107-1775757600-1775761200@openssf.org
SUMMARY:Handing Over The Keys to Your Kingdom: AI-Driven Security Woes
DESCRIPTION:The current security landscape reveals a dangerous paradox: the very tools we trust to secure our code—AI agents and DevSecOps utilities—possess the broadest permissions but the weakest oversight. We are currently witnessing a “credential-drift” crisis where automated tools are becoming the primary vectors for supply chain contagion. \nTo prevent the next cascade\, we must move away from reactive patching and toward a Closed-Loop Integrity System. \nThe last 14 days have highlighted a systemic failure in how we manage “privileged automation.” Trivy\, Axios\, LiteLLM\, OpenAI Codex\, and Claude Code have all fallen prey to various supply chain attacks. \nWe are handing the “keys to the kingdom” to AI agents and automated scanners that are\, by nature\, high-value targets. If you aren’t monitoring your security tools with the same intensity you use for your production databases\, you aren’t running a secure shop—you’re just waiting for the next cascade. \nJoin this talk to learn more about how you can prevent supply chain security failures in your AI world. \n  \n \nGuest: Himanshu Sangshetti \nDate: Thursday\, 9th April 2025 \nTime: 6 PM IST
URL:https://openssf.org/event/handing-over-the-keys-to-your-kingdom/
CATEGORIES:India Initiative
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=Asia/Kolkata:20260521T140000
DTEND;TZID=Asia/Kolkata:20260521T150000
DTSTAMP:20260427T212523
CREATED:20260310T160235Z
LAST-MODIFIED:20260403T151956Z
UID:10000105-1779372000-1779375600@openssf.org
SUMMARY:Sword and Shield: Security Strategy Needs Both Offense & Defense
DESCRIPTION:In the world of software development\, security is often treated like the “veggies” of the SDLC—everyone knows they’re good for you\, but most developers would rather just skip straight to the dessert (shipping code). But what happens when the “bad guys” decide to join the party uninvited? \nIn this episode\, we sit down with two titans of the industry to see what happens when the irresistible force of Red Teaming meets the immovable object of Blue Teaming. \nMeghana Rao\, our resident VAPT and Cloud Security specialist\, walks us through the art of the “friendly break-in.” She’ll explain why thinking like a villain is the only way to build a digital fortress. On the flip side\, Shubham Mishra\, a seasoned Threat Hunter and Insider Threat specialist\, shows us how she tracks the whispers in the wires to catch intruders before they even realize they’ve been spotted. \nTogether\, they’ll dive into the “Why” of the tandem. Join us to learn why Red and Blue aren’t rivals\, but actually the ultimate “work spouses.” You will also learn how this maps to the SDLC Lifecycle. Fully understand how to bake security into your code so you aren’t trying to “bolt it on” while the house is already on fire. \nWhether you’re a developer trying to understand why your security lead is crying\, or a CISO looking to harmonize your teams\, this episode provides the roadmap to a safer digital landscape. \nDate: 21st May 2026 \nTime: 2 pm IST
URL:https://openssf.org/event/red-team-blue-team-security-strategy-offense-defense/
CATEGORIES:India Initiative
END:VEVENT
END:VCALENDAR