Loading…
25-27, August 2025
Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time, CEST (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right. 

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Type: Operations Management clear filter
Monday, August 25
 

13:30 CEST

The Impact of Copyleft on the EU CRA - Jimmy Ahlberg, Ericsson
Monday August 25, 2025 13:30 - 14:10 CEST
G107
The introduction of the EU Cyber Resilience Act (CRA) marks a transformative milestone in software security regulation within the European Union, with far-reaching implications for global software practices. As the EU seeks to bolster cybersecurity standards across digital products and services, the CRA introduces new requirements aimed at identifying, managing, and mitigating vulnerabilities more effectively.

This session will explore the specific implications of the CRA for Free and Open Source Software (FOSS), with a particular focus on projects under Copyleft licenses such as the GNU General Public License (GPL). Copyleft licenses, which require derivative works to also be open source, present unique challenges in the context of the CRA's provisions.

Join us as we delve into the complexities and opportunities presented by the EU CRA, and explore its impact on the future of Free and Open Source Software.
Speakers
avatar for Jimmy Ahlberg

Jimmy Ahlberg

Director Open Source, Ericsson
Currently Mr Ahlberg is the Director of Open Source Policy with the Ericsson OSPO. Prior to the inception of the Ericsson OSPO he worked in different roles with various aspects of Open Source in the Ericsson organization, This included consumption of and contribution to Open Source... Read More →
Monday August 25, 2025 13:30 - 14:10 CEST
G107
  Operations Management
  • Audience Experience Level Any

14:25 CEST

Open, Yet Secure: Rethinking Risk in the Age of Open Source - Avijit Biswas, IKEA IT AB
Monday August 25, 2025 14:25 - 15:05 CEST
G107
Open source is no longer just a developer’s playground—it’s the foundation of modern innovation. But as its influence grows, so do the challenges: security vulnerabilities, compliance concerns, and the risk of unchecked complexity.

At IKEA, we’ve reimagined open source not just as a collection of tools, but as a strategic engine for transformation. In this talk, I’ll share how we’ve integrated automation and AI across our Software Development Life Cycle (SDLC) to scale open-source adoption—safely, responsibly, and at speed.

This isn’t just about securing code. It’s about building trust. It’s about reducing friction. And ultimately, it’s about designing systems that are as resilient and collaborative as the communities that power them.

What you’ll learn:

• How to spot and address risks in open-source components

• Embedding automated security without slowing delivery

• Aligning compliance with innovation

• Real-world lessons from scaling secure OSS in enterprise environments

Join me to explore how smart automation can turn open source into a confident, competitive advantage.
Speakers
avatar for Avijit Biswas

Avijit Biswas

Open Source SME, IKEA IT AB
I’m Avijit Biswas—known to most as Avi. I’m a passionate open-source professional and technology strategist with over 15 years of experience in digital transformation and secure software development. At IKEA, I co-lead initiatives like open-source strategy, secure software practices... Read More →
Monday August 25, 2025 14:25 - 15:05 CEST
G107
  Operations Management

15:35 CEST

Centralized Approach To Implement OSS Compliance Program for Various Software Products - Venugopal Baswaraju, Sony India Software Centre & Anupama Sobhana, Sony India Software Centre
Monday August 25, 2025 15:35 - 16:15 CEST
G107
Sony Semiconductor Solutions(hereafter "SSS"), a subsidiary of Sony Group Corporation, is developing a device solution business centered on image sensors.

In this talk, we share our experience on how open-source-support team works with various product dev teams to ensure license compliance. SSS deals with many software products( from embedded firmware to cloud-based-solutions). To ensure license compliance, SSS created a dedicated open-source support team(part of OSPO) in Sony India Software Centre.

We showcase our streamlined license-clearance-workflow which has helped us to serve >250 license clearance requests for many product teams. You will get insights on how a centralized team of license experts augment product dev teams with licensing knowledge, suggestions for source code modifications, report generation, standards adoption SPDX SBOM. We also share the details about the tools we use for clearance. Towards the end of the talk, we share some benefits of a centralized team of experts (seamless sharing of licensing knowledge between experts, consistent quality of output,etc). As an effect, by unblocking License Compliance we have reduced the time to release for Product Teams.
Speakers
avatar for Venugopal Baswaraju

Venugopal Baswaraju

Program Manager, Sony India Software Centre, Sony India Software Centre
Venugopal Baswaraju is the Program Manager managing the OSS Compliance Program since its inception in 2022. In Sony Group, he has extensive experience in areas like product development, standards, certification and OSS compliance. He leads the strategy and execution of various technical... Read More →
avatar for Anupama Sobhana

Anupama Sobhana

Lead Software engineer, Sony India Software Centre
Anupama is an OSS License Compliance Lead and software engineer. She has extensive experience in Ubuntu/Debian based distribution management. She has extensive experience leading a team of License Clearance experts and cares deeply about the value of collaboration with open-source... Read More →
Monday August 25, 2025 15:35 - 16:15 CEST
G107
  Operations Management

16:30 CEST

Streamlining Open-Source License Compliance With the Continuous Clearing Tool - Amrit Kumar Verma & Dearsh Oberoi, Siemens
Monday August 25, 2025 16:30 - 17:10 CEST
G107
We present Continuous Clearing (CA) Tool, an open-source solution designed to automate & accelerate the license clearing of OSS components. This tool streamlines the identification & license compliance of 3rd party OSS components within various projects, including those using NPM, NuGet, Maven, Python, Alpine & Debian. It ensures that orgs. maintain a SBOM for all builds within the DevOps pipeline. It is designed with 3 different modules:

1. Package Identifier: This module accepts a package file or BOM as input & produces a SBOM file as output. It classifies each dependency type & incorporates into the output SBOM.

2. SW360 Package Creator: Utilizing the SBOM from the package identifier, this module identifies & creates any missing components or releases in SW360. Then associates components with the relevant project in SW360 & triggers the upload to FOSSology & automatically updates the clearing state in SW360. It also offers an option to exclude dev dependencies, if they are not relevant for compliance.

3. Artifactory Uploader: This final module takes the updated BOM & uploads components tagged as "Report approved" clearing state to the JFrog artifactory.
Speakers
avatar for Dearsh Oberoi

Dearsh Oberoi

Research Engineer, Siemens
Open source contributor and Research Engineer at Siemens, passionate about fostering inclusive communities. Active contributor at SW60 and LicenseDB. Focused on license management and SBOMs.
avatar for Amrit Kumar Verma

Amrit Kumar Verma

Research Engineer, SIEMENS
Research Professional | Open-Source Contributor | Mentor
Monday August 25, 2025 16:30 - 17:10 CEST
G107
  Operations Management
  • Audience Experience Level Any
 
Wednesday, August 27
 

11:00 CEST

The SBOM Era: Leaving No Open Source Project Behind With Osskb.org - Agustin Benito Bethencourt, Toscalix Consulting & Jeronimo Ortiz, SCANOSS
Wednesday August 27, 2025 11:00 - 11:40 CEST
G104
Creating complete, machine-readable SBOMs in standardized formats can be a significant burden for many open source projects, especially for resource-constrained, large integration efforts, projects dealing with complex dependencies, etc. Detection of undeclared dependencies and unwanted snippets is one of their main challenges.

This talk introduces osskb.org, a free of charge service by the Software Transparency Foundation (STF) designed to make accurate open source scanning accessible to all. Integrated as a back-end already by popular open source tools like FOSSology, ORT, FOSSLight, scanoos.py, or Theia, OSSKB.org detects open source files and code snippets against one of the largest open source knowledge bases, providing license information and without compromising user privacy.

The session will address key questions about STF's mission, governance and shareholders, it will walk attendees through the open source technologies behind osskb.org, and will demo how OSSKB.org works integrated with popular compliance tools and with pipelines.
Speakers
avatar for Agustin Benito Bethencourt

Agustin Benito Bethencourt

Independent consultant, Toscalix Consulting
Agustín has guided projects, and organizations throughout the life cycle of OSS based products and services in different markets. He now works as an independent consultant, focused on helping organizations in two ways: applying advanced data analytics to production environments to... Read More →
avatar for Jeronimo Ortiz

Jeronimo Ortiz

DevSecOps, SCANOSS
DevSecOps working at SCANOSS, passionate about helping organizations embrace DevOps culture and streamline processes
Wednesday August 27, 2025 11:00 - 11:40 CEST
G104
  Operations Management

11:55 CEST

Zero Trust Maturity Assessment With OSCAL - Donald Hunter, Red Hat
Wednesday August 27, 2025 11:55 - 12:35 CEST
G104
When implementing Zero Trust there is no one size fits all solution. The complexity of understanding the principles of Zero Trust and mapping them to a given technology stack have inhibited widespread adoption. Reasoning about system properties against any framework or criteria, and the corresponding adoption paths to achieve increasing maturity is always a challenge, especially for organisations relying on open source technologies.

By leveraging the Open Security Controls Assessment Language (OSCAL) controls and processes along with existing Red Hat compliance frameworks we aim to simplify Zero Trust compliance and maturity assessment while signposting the steps to improving Zero Trust maturity.

Attendees will walk away with an understanding of Zero Trust, how automated compliance can benefit their measurement and implementation of Zero Trust objectives, and open source efforts to streamline the assessment process.
Speakers
avatar for Donald Hunter

Donald Hunter

Senior Principal Software Engineer, Red Hat
Donald is the Security team lead in the Office of the CTO at Red Hat where he focuses on emerging technologies in Security. Donald is a veteran in the network industry with over 20 years at Cisco before joining Red Hat. Donald’s recent focus has been on AI trust and security, Zero... Read More →
Wednesday August 27, 2025 11:55 - 12:35 CEST
G104
  Operations Management
  • Audience Experience Level Any

14:10 CEST

Proactive Protection: Using AI To Safeguard Your Code and Supply Chain From Vulnerabilities - Meha Bhalodiya & Ruchi Pakhle, Red Hat
Wednesday August 27, 2025 14:10 - 14:50 CEST
G104
Step into a world where your code and supply chain is not just defended but dynamically shielded against digital adversaries. "Proactive Protection: Unleashing AI for Digital Fortification" immerses you in a riveting exploration of cutting-edge security tactics. Through captivating narratives and interactive simulations, delve into AI's transformative role in anticipating and neutralizing vulnerabilities before they strike. Discover how predictive algorithms, automated response mechanisms, and real-time threat intelligence converge to create a proactive defense ecosystem that adapts and evolves with your digital assets.

By the session's end, arm yourself with actionable strategies to infuse AI-driven resilience into your codebase and supply chain, ensuring a fortified digital frontier against ever-evolving cyber threats.
Speakers
avatar for Ruchi Shrikant Pakhle

Ruchi Shrikant Pakhle

Software Engineer, Red Hat
Software Engineer @Red Hat | LFX Spring'22 @open-horizon | Open Source Developer @asyncapi | Python geek and AI developer in free time :D
avatar for Meha Bhalodiya

Meha Bhalodiya

Software Quality Engineer, Red Hat
A Software Quality Engineer at Red Hat, where I work with the OpenShift Container Platform team.
Wednesday August 27, 2025 14:10 - 14:50 CEST
G104
  Operations Management

15:05 CEST

Navigating Uncertainty: Operational Risk Management in the Open-Source Sector - Eleni Katsoula, Collabora
Wednesday August 27, 2025 15:05 - 15:45 CEST
G104
As a consultancy working at the heart of the open-source ecosystem, Collabora operates in a landscape defined by constant change—technologically, economically, and organizationally. In this talk, we’ll explore how you can build operational resilience through intentional risk management, agile resource planning, and a deep understanding of the unique dynamics of working in this field.

We’ll look at how to balance the unpredictability of client pipelines, evolving upstream projects, and distributed collaboration with the need for sustainable business practices and delivery reliability. Drawing on principles of adaptive planning and lightweight risk frameworks, this session will offer practical approaches to identifying vulnerabilities, allocating resources effectively, and maintaining agility without losing focus.

Whether confronting fluctuating demand, evolving stakeholder landscapes, or macroeconomic uncertainty, open-source consultancies must rely on principles rather than predictions. This talk frames operational resilience as an emergent property of adaptive systems—rooted in flexibility, decentralization, and continuous feedback.
Speakers
avatar for Eleni Katsoula

Eleni Katsoula

Engineering Operations Manager, Collabora
I am a multilingual, internationally experienced executive & consultant, specializing in Business Operations, IT Management & Strategic Planning. With a strong background in engineering operations, business analytics, and financial planning, I help companies streamline processes... Read More →
Wednesday August 27, 2025 15:05 - 15:45 CEST
G104
  Operations Management

16:20 CEST

Keeping Your Software Supply Chain Healthy - Daniel Rabinovitz, GitLab
Wednesday August 27, 2025 16:20 - 17:00 CEST
G104
Heading to your annual checkup, you're anxious. Your abandoned gym routine and poor eating habits have left you with elevated sodium levels and unwanted weight gain. Last year's choices could have yielded better health outcomes, but now you face the consequences. Your organization faces similar health risks in its digital ecosystem. During your transformation, have you thoroughly examined your SDLC? Are your systems truly resistant to sophisticated attacks? Could unauthorized licenses be silently compromising your products from within? Effective protection mechanisms exist to safeguard your software supply chain throughout this critical transition.

Join Dan as he covers how to address software supply chain security to keep your organization healthy. Topics covered will include:

- Taking your software supply chain's vital signs with comprehensive security audits

- Diagnosing AI-related vulnerabilities before they become chronic conditions

- Cutting out harmful dependencies while strengthening your codebase's immune system

- Developing a healthy dependency management lifestyle for long-term organizational wellness

Don't let poor digital health decisions compromise your business.
Speakers
avatar for Daniel Rabinovitz

Daniel Rabinovitz

Senior Solutions Architect, GitLab
Dan is a Senior Solutions Architect at GitLab with 20+ years of experience in technical pre-sales. He's worked with Fortune 50 clients across financial services, insurance, and media sectors, including AIG, Citibank, and Verizon. Previously at Digital.ai, Sauce Labs, and IBM, Dan... Read More →
Wednesday August 27, 2025 16:20 - 17:00 CEST
G104
  Operations Management
 
  • Filter By Date
    Aug 24 - 28, 2025
  • Filter By Venue
    Amsterdam, Netherlands
    All
    Auditorium
    D201
    D202
    D203
    D204
    D406 (Elicium Level 4)
    Diamond Lounge
    Elicium 1
    Elicium 2
    Emerald Room
    First Floor Restaurant
    G001-002
    G102-103
    G104
    G105
    G106
    G107
    G109
    Hotel nHow Amsterdam RAI
    Meeting Room Vanilla - Hotel nHow Amsterdam RAI
    RAI Amsterdam
    TBA
  • Filter By Type
    Cloud & Containers
    Co-Located Events
    Digital Trust
    Embedded Linux Conference
    Equity + Inclusion + Accessibility
    Keynote Sessions
    Linux
    Open Source 101
    Open Source Leadership
    OpenGovCon
    Operations Management
    OSPOCon
    Project Mini-Summits
    Safety-critical Software
    Special Events / Exhibits / Breaks
    Standards & Specifications
    Technical Documentation
    Wildcard
    Zephyr Developer Summit
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone
Need help? View Support Guides
Event questions? Contact Event Planner
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Sunday, August 24
Monday, August 25
Tuesday, August 26
Wednesday, August 27
Thursday, August 28
Auditorium
D201
D202
D203
D204
D406 (Elicium Level 4)
Diamond Lounge
Elicium 1
Elicium 2
Emerald Room
First Floor Restaurant
G001-002
G102-103
G104
G105
G106
G107
G109
Hotel nHow Amsterdam RAI
Meeting Room Vanilla - Hotel nHow Amsterdam RAI
RAI Amsterdam
TBA
  • Cloud & Containers
  • Co-Located Events
  • Digital Trust
  • Embedded Linux Conference
  • Equity + Inclusion + Accessibility
  • Keynote Sessions
  • Linux
  • Open Source 101
  • Open Source Leadership
  • OpenGovCon
  • Operations Management
  • OSPOCon
  • Project Mini-Summits
  • Safety-critical Software
  • Special Events / Exhibits / Breaks
  • Standards & Specifications
  • Technical Documentation
  • Wildcard
  • Zephyr Developer Summit
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate