How Community Helped Me Survive A Challenging Job Search

I started my career in 2004 and I have been laid off three times. The shame around the first two experiences was replaced with the shocking reality that I was now one of the 260,000+ tech workers laid off in 2023. The stakes were higher this time, the competition was stiff, and I could have easily fallen into a pit of despair. Thankfully the community had my back and helped me stay focused and supported during the most unnerving time of my life. This talk will discuss my community involvement prior to being laid off, my seven month journey to find new employment, and how staying engaged and active in the community helped boost my confidence and opened several doors to find my current gig. I’ll discuss some tips, resources, and strategy I used along the way.

A Hitchhikers Guide to the CNCF Landscape

Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. The magic number is 42 so we are going to dive into 10 stellar projects you may be missing out on. Then we’re going to speed round through the remaining 32! Why you ask? We currently have 190 projects, and finding information about them can be a challenge. “Just go to the website” doesn’t cut it.

Getting started can be difficult for new users and contributors. We will equip you with knowledge so you can make an informed decision when you’re choosing projects to include in your toolkit. In this talk you will learn how to navigate the CNCF Landscape to find information about our projects. You will learn how to search by category & maturity, and understand how organizations use these projects in production. The goal is for you to be confident in your ability to traverse the landscape so the next time you "go to the website" you will find what you need.

Dance Like Nobody Is Watching, Encrypt Like Everyone Is

PostgreSQL is the most popular open-source database among developers. It is one of the Top 5 databases in the world and it is fully open source and community driven. But is it secure - or could it be more secure? PostgreSQL's open source edition currently lacks Transparent Data Encryption (TDE). TDE is the way that data at rest protection can be done on the database level, ensuring the data is encrypted on the disk as well as in your backups and no application changes are required. To help give the community this added security benefit, Percona has created and is currently testing an open source TDE extension. This talk will cover our decision making process in creating the extension, it will go over data and findings that span the development of the extension, the added security benefits to your database, and point to what the future holds for TDE.

Open Source Evangelists Assemble

On August 10th, 2023, Hashicorp changed its license for Terraform to a non-open source license. The community was up in arms, a manifesto was written, and a little over a month later OpenTofu supported by the Linux Foundation was launched. On March 20, 2024, Redis announced it was adopting a new license terminating its status as an open source database. On March 28, 2024, the community again assembled behind the protective shield of The Linux Foundation and Valkey was formed. These are two examples of the power of the open source community to activate its ‘avengers’ to save countless corporations and open source development.

With open source seemingly under attack how do we protect ourselves from licensing changes? How do we as a community choose to stick with a product that’s changed its license or take a chance on an open source edition? This talk will discuss methods to help gain awareness, contributors, adoption and successfully build an open source project’s community from the perspective of seasoned community collaborators and tech evangelists.

Bridging the Gap Between Open Source Problems - Communities In Action

Community members from multiple projects, foundations and organizations like Oasis Open, CNCF, OpenSSF, Rust Foundation, and the Continuous Delivery Foundation find themselves working on the same problems, but they are all attacking the issues from different angles. The one thing that is constant is that the community wants to solve the problem but community members find themselves working in silos based on what foundation their respective companies belong to and we feel the community as a whole are missing out on the bigger picture. This talk will show how cross community collaboration can strengthen both communities and foundations by bridging the gap in knowledge, practice and standards the result may help create solutions that are well thought out from multiple vantage points that benefit developers across the board.

Building a Community Bridge Between Java and Open Source Security

Have you ‘shifted left?’ Are you scanning your code for vulnerabilities before you deploy to production? Do you even care? Shifting left as a developer may seem like an annoying task to add to your workflow or you may feel overwhelmed because there are so many ‘security’ products in the marketplace you don’t know what to choose. As a Java developer how do you even get started with the practice of shifting left? That’s where community comes in and becomes the bridge between ‘I know I need to do this,’ and ‘how do I do this.’

The Continuous Delivery Foundation is an open source community improving the world's ability to deliver software with security and speed. This talk will cover how expanding your network to include the CDF will help you shift your thinking and your skills.

Securing Your Software Supply Chain One Open Source Project at a Time

Delivering software fast is one piece of the CI/CD puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package managers. The financial industry is not immune to these attacks and now more than ever they need to be working harder to prevent potential attacks. The question then becomes how do you protect your DevOps pipeline?

This is a problem that projects in foundations like the Continuous Delivery Foundation (CDF), OpenSSF, CNCF and OWASP are working to solve.. To help ensure a secure SDLC, these vendor neutral, developer focused communities are investing in projects that provide security solutions. This talk will highlight the importance of securing your software supply chain at the source and how technologists all around the globe are working to solve this problem.

I’ve Started an Open Source Project – Now What!?!

You created a brand new open source project and you know that your project is going to save thousands of developers from going through the same hardships you faced. But how to get the word out about this amazing tool you built and get more user adoption, contributors, maintainers…

This talk will discuss how you can get your project more visibility within the developer community by proposing it to become a part of a foundation. I'll cover the who, what, where, and why of taking your project to the next level and proposing it to a foundation.

What Do You Get If You Cross the CNCF, CDF & OpenSFF? Strenghtening Community through Collaboration

Community members from multiple projects, foundations and organizations find themselves working on the same problems and are attacking the issues from different angles. The cool thing is the community wants to solve the problem. The harsh reality is these groups often find themselves working in silos based on the working group, SIG or foundation they joined. This creates a whole new problem: how do we share findings, reference architectures, resources across the board? This talk will focus on CNCF, CDF and OpenSFF and will demonstrate how cross community collaboration can strengthen both communities and foundations by bridging the gap in knowledge, practice and standards. The result may help create solutions that are well thought out from multiple vantage points that benefit developers across the board whether they are focused on cloud native, continuous delivery or software supply chain security.

This talk covers three Linux Foundations: CNCF, CDF, and OpenSFF and discusses working in silos and the potential opportunities to increase knowledge base and creativity to solve pain points when communication is open and brain trust is shared.

The 5 Ws and H of Open Source Community

The term 'community' is used throughout tech conversations, articles, websites, marketing collateral, etc. The list is endless but what exactly is an open source community? This panel will discuss the 5 Ws: who, what, where, why, when, and the H: how - of open source community. We'll dive into each question and give real world examples of our experience getting to the bottom of 'open source community.' We'll discuss the who, the people that dedicate their time to community, the what: technology and projects, when things go well, why things maybe don't go so well, and how to join and get involved!

5 community leaders will talk about the value of open source community by delving into the reasons why it exists and how it makes the technology ecosystem stronger.

Black Jack! Doubling Down on Open Source

The probability of winning blackjack is 42.22%, and the probability that your company’s enterprise software is using open source components is anywhere between 70-85%. With high risk - XZ Utils Backdoor, SolarWinds, Log4J, etc. comes the opportunity for high rewards - innovation, developer productivity and community happiness! The chance that your company isn’t consuming open source is so low that doubling down on contributing to open source is the safest bet you’ll make. This talk will cover why an effective open source strategy is a win for the community and for your company. We’ll discuss the benefits of having a ‘seat at the table’ and why this is a low risk high reward move.

Six Degrees of Kevin Bacon - Open Source Community Edition

The open source community can be siloed at times. People tend to ‘stay in their lane’ and don’t realize what they may be missing out on by not expanding their network. I know time is limited and it’s impossible to participate in every community so how do you become like Kevin Bacon? How do you set yourself up to be connected to people in various communities that you may be able to help or vice versa without being present at every meeting? I’m going to show you how you can channel your inner Kevin Bacon and learn how to expand your network like your funding counted on it!