The Cloud Native Computing Foundation (CNCF) and the Open Source Security Foundation (OpenSSF) are thrilled to introduce Open Source SecurityCon 2025—a premier event focused on strengthening cloud-native and open source software security.
This one-day conference, set to take place on November 10, 2025, in Atlanta, GA, will be co-located with KubeCon + CloudNativeCon North America and included in the All Access pass. It will bring together software developers, security engineers, public sector leaders, CISOs, CIOs, and technology pioneers. Through collaborative discussions, cutting-edge sessions, and hands-on engagement, attendees can explore emerging security challenges, industry innovations, and best practices shaping the future of secure software development.
Why Attend?
Security is no longer a consideration—it’s a necessity. Open Source SecurityCon 2025 provides a dedicated space for experts and enthusiasts to come together, share insights, and build solutions that will define the next era of secure, scalable software.
Whether you’re a security engineer, DevOps professional, software developer, cloud architect, IT security manager, risk and compliance officer, or open source contributor, this event offers something for you.
What to Expect
Attendees can look forward to sessions covering a wide range of critical security topics, including:
- Secure software development practices
- Supply chain security
- Identity and access management
- Open source public policy
- Architecture and policy best practices
As open source and cloud native technologies become increasingly integral to modern computing, the need for a collaborative, security-focused dialogue has never been greater. This event will be a key platform for fostering discussions that drive real-world security improvements across the industry.
A Community-Driven Effort
Leaders across the open source security ecosystem have voiced their enthusiasm for the event, highlighting its potential impact:
“Securing open source and cloud-native technologies relies on a strong, engaged community. OpenSSF experts build security best practices, specifications, and tools for secure open source, while CNCF pioneers technologies and tools that shape modern software. I’m excited to see this event drive collaboration among top experts, foster the exchange of new ideas, and showcase community-driven security solutions.” – Michael Lieberman, Co-Founder & CTO, Kusari / OpenSSF Governing Board Member / CNCF Technical Advisory Group for Security Lead
“Uniting the CNCF and OpenSSF communities is a vital step in addressing the growing complexities of software supply chain security. Attacks against software supply chains continue to escalate—open source malware, for example, has increased over 200% year-over-year. This event is an important opportunity for developers, security professionals, open source enthusiasts, and policy experts to collaborate and strengthen the security of the open source and cloud-native ecosystems.” – Brian Fox, Co-Founder & CTO, Sonatype / OpenSSF & FINOS Governing Board Member
“The ubiquity of cloud-native technologies fostered by CNCF, combined with the security best practices and tools provided by OpenSSF, creates a powerful synergy that strengthens the open source ecosystem. This event marks a significant step toward aligning best practices, tooling, and education across the broader open source security landscape.” – Arun Gupta, VP of Developer Programs, Intel / Governing Board Chair for CNCF & OpenSSF
“Over the past few years, cloud-native technology has become a critical component of modern infrastructure—one that must be built and managed securely. CNCF contributors and End Users have already developed best practices for doing this, and bringing CNCF and OpenSSF together for Open Source SecurityCon is an exciting next step. This event will provide actionable insights for cloud-native practitioners, software supply chain security enthusiasts, and those exploring the intersection of security and public policy.” – Stephen Augustus, Technical Architect, Office of the CTO, Bloomberg L.P. / OpenSSF Technical Advisory Council Member / Kubernetes Steering Committee Member
Join Us in Atlanta!
Don’t miss this opportunity to collaborate with top experts, learn from industry pioneers, and shape the future of open source and cloud native security. Stay tuned for more details on registration and the event agenda. Interested in sponsoring the event, view the sponsorship prospectus.
With CNCF and OpenSSF leading the charge, Open Source SecurityCon 2025 will pave the way for a more secure open source ecosystem—empowering developers, businesses, and communities worldwide.