This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, August 17 • 3:20pm - 4:10pm
Are Today's FOSS Security Practices Robust Enough in the Cloud Era? - Lars Kurth, Citrix

Sign up or log in to save this to your schedule and see who's attending!

Recent vulnerabilities like Heartbleed and Shellshock have brought the security practices and track record of open-source projects into the spotlight. A project’s response to security issues has a major impact on how much risk end users are exposed to and how the project is perceived in the technology industry.

We will compare the security practices of key projects such as Linux, Docker, Xen Project, OpenStack and others. We will explore the trade-offs of different security practices, such as community trust, competing stakeholder interests, fairness and media coverage of vulnerabilities. Finally, we will explore the evolution of the Xen Project’s security process over the past 3 years as a case study. We will illustrate the trade-offs, pain points and unexpected issues we have experienced, to help other projects understand the pit-falls in designing robust security processes.


Lars Kurth

Director, Citrix
Lars Kurth had his first contact with the open source community in 1997 when he worked on various parts of the ARM toolchain. This experience led Lars to become a passionate open source enthusiast who worked with and for many open source communities over the past 19 years. Lars contributed to projects such as GCC, Eclipse, Symbian and Xen and became the open source community manager for Xen.org in 2011 and later chairman of the Xen Project... Read More →

Monday August 17, 2015 3:20pm - 4:10pm