Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault, where OSS project credentials are compromised and malicious code is intentionally injected into open source libraries, allows hackers to poison the well. In this session, Brian Fox, 20 year open source developer and CTO of Sonatype, will explain how both security and developers must work together to stop this trend. Or, risk losing the entire open source ecosystem. Analyze, and detail, the events leading to today’s “all-out” attack on the OSS industry Define what the future of open source looks like in today’s new normal Outline how developers can step into the role of security, to protect themselves, and the millions of people depending on them.