We all believe in open source - or we wouldn't be attending this conference. But although open source may be a "nice to have" property for software in general, this talk will try to convince you that security software really _must_ be open source. With nearly 30 years of open source and security experience, Mike will address some of the key ways in which the open source community does security - and also debunk a dangerous myth. We will ensure we have lots of times for questions - open source and security should both be two-way conversations!