In this episode, we welcomed back Christopher Robinson, aka CRob, to discuss his extensive work in the Open Source Security Foundation (OpenSSF). We chatted about the importance of open source software security, detailing the various initiatives aimed at improving security standards. CRob shares insights into the working groups and projects within OpenSSF, focusing on their efforts to educate developers and security researchers. We also touched on the upcoming SOSS Fusion event, and its role in fostering community engagement and collaboration in open source security. We encourage listeners to join these endeavors and contribute to solving significant security challenges.
00:00 Welcome Back, CRob! 00:52 Diving into Open Source Security 01:20 Understanding the OpenSSF 04:18 Key Personas in Open Source Security 09:44 Educational Resources for Developers 12:17 Getting Involved with OpenSSF Projects 15:27 Upcoming Event: SOSS Fusion 17:47 The Value of Open Source Events 21:48 Final Thoughts and Future Plans
Resources: OpenSSF
SOSS Fusion
Guest: Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. CRob is a 41st level Dungeon Master and a 24th level Securityologist. He has worked at several Fortune 500 companies with experience in the Financial, Medical, Legal, and Manufacturing verticals, and spent 6 years helping lead the Red Hat Product Security team as their Program Architect.
CRob has been a featured speaker at Gartner’s Identity and Access Management Summit, RSA, BlackHat, DefCon, Derbycon, the (ISC)2 World Congress, and was named a "Top Presenter" for the 2017 and 2018 Red Hat Summits. CRob was the President of the Cleveland (ISC)2 Chapter, and is also a children's Cybersecurity Educator with the (ISC)2 Safe-and-Secure program. He holds a Certified Information Systems Security Professional (CISSP) certification, Certified Secure Software Lifecycle Professional (CSSLP) certification, and The Open Group Architecture Framework (TOGAF) certification. He is heavily involved in the Forum for Incident Response and Security Teams (FIRST) PSIRT SIG, collaborating in writing the FIRST PSIRT Services Framework, as well as the PSIRT Maturity Assessment framework. CRob is also the lead/facilitator of the Open Source Security Foundation (OpenSSF) Vulnerability Disclosures and OSS Developer Best Practices working groups as well as a Technical Advisory Committee (TAC) member.
He enjoys hats, herding cats, and moonlit walks on the beach.