<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">
Upstream microphone

Josh Bressers

VP of Security


Upstream ribbons
Josh Bressers
Panel: Life after the xz utils backdoor hack
12:35 PM - 1:20 PM EST
In late March, we all dealt with yet another attack on a popular open source project; this time, in the Linux-level package used for file compression called xz utils. What was most sinister about this attack, though, was how deeply it impacted trust within the open source community. The attacker spent years engineering multiple sock puppet accounts to gain the trust of the volunteer xz utils maintainer. In this panel moderated by Tidelift VP of product Lauren Hanford, we’ll talk to Josh Bressers of Anchore; Jordan Harband, prolific Javascript maintainer; Rachel Stephens from RedMonk; and Terrence Fischer from Boeing to get a diverse mix of perspectives on how this changes the landscape of open source software supply chain security.

About Josh Bressers

Josh Bressers is vice president of security at Anchore where he guides security feature development for the company’s commercial and open source solutions. He  is a co-lead of the OpenSSF SBOM Everywhere project, and is a co-founder of the Global Security Database project at the Cloud Security Alliance.