Open Source Summit + AI_dev Japan 2024: Full Schedule

October 28-29, 2024 | Tokyo, Japan
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + AI_dev Japan 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Japan Standard Time (UTC +9). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

11:15 JST

Architecting Kubernetes-Based Internal Developer Platforms: Essential Patterns and Practices - Hiroshi Hayakawa, LY Corporation

Monday October 28, 2024 11:15 - 11:55 JST

Hall A (3)

Recent IT paradigms like DevOps, CD, and IaC have shortened release cycles but burdened developers with mastering many tools. Platform Engineering, a field of software engineering frequently discussed in the CNCF, addresses this by providing Internal Developer Platforms (IDPs) that automate non-essential tasks. Kubernetes is widely used to run the various components that make up an IDP, thanks to its consistent API experience and high extensibility. However, Kubernetes was initially created as a general foundation for running workloads, not as part of platforms. Therefore, IDP builders must add Cloud Native technologies and customizations to Kubernetes. Despite three years since the rise of platform engineering, making the right architectural and technology choices remains challenging and requires a deep understanding of the organization's context and technologies. In this session, he will explain various architectural patterns for building IDPs using Kubernetes, including access control and multitenancy. Additionally, based on years of experience providing Kubernetes-based IDPs, he will discuss the pros/cons, operational considerations, and suitable organizational structures.

Speakers

Hiroshi Hayakawa

Staff Platform Engineer, LY Corporation

Hiroshi is a lead engineer of Kubernetes-based application platforms in LY Corporation's Private Cloud Division. The company runs many large-scale applications on its Kubernetes-based platform, and Hiroshi is skilled in running applications stably at such a scale. He has also been... Read More →

Monday October 28, 2024 11:15 - 11:55 JST
Hall A (3)

CloudOpen

Audience Beginner

11:15 JST

From Policy Enthusiast to Legislators' Contact Point - Ciarán O'Riordan, OpenForum Europe

Monday October 28, 2024 11:15 - 11:55 JST

Hall A (1)

Governments around the world are working on legislation to regulate cybersecurity, AI, and product liability for software. The success of free and open source projects and companies has been driven by our technology. Our teams working on legislation and public policy are much smaller, but we also have results that we can be very proud of. This presentation looks at the importance of policy work and what we do that leads to success in this domain. We will look at the international relevance of some current regulations being produced in Europe - notably the EU's Cyber Resilience Act, the AI Act, and the Product Liability Directive. From these, we will look at how these areas could be best regulated in other parts of the world. We will examine the technical information that policy makers need, so that they can make informed decisions. And we will also look at the meta goal of improving our policy work in the long term. We will do this by looking at the methods and organisation that allowed our ecosystem to be effective while working with the legislators to improve these texts.

Speakers

Ciarán O'Riordan

Sr. Policy Advisor, OpenForum Europe

Senior Policy Advisor at OFE, Ciarán O’Riordan has been working in Brussels since 2004 with a focus on EU policy and free and open source software. He recently worked on the EU's Cyber Resilience Act as well as coordinating the efforts of many free and open source organisations... Read More →

Monday October 28, 2024 11:15 - 11:55 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

12:05 JST

Open Source LLMs in the Cloud: Scalable Solutions - Miley Fu, WasmEdge

Monday October 28, 2024 12:05 - 12:45 JST

Hall A (3)

The demand for running LLMs in the cloud is growing exponentially. In this keynote, we will explore developer’s and enterprises’ urging need for open source LLMs and the best practices for deploying them in cloud-native environments. Three key approaches for LLM deployment: Python-based solutions, native runtimes like llama.cpp or vLLM, and WebAssembly as an abstraction layer. Miley will discuss the benefits and challenges of each approach, focusing on real-world applications, integration ease, portability, and resource efficiency and talk about the CNCF CNAI ecosystem landscape. This keynote aims to demystify cloud-native AI. Attendees will have practical advice and a clear roadmap for deploying LLMs in the cloud, learning about the strengths and trade-offs of different approaches, to have a better idea to select and implement the most suitable strategy

Speakers

Miley Fu

DevRel, WasmEdge

Miley is a Developer Advocate with a passion for empowering developers to build and contribute to open source. With over 5 years of experience working on WasmEdge runtime in CNCF sandbox as the founding member, she talked at KubeCon, KCD Shenzhen, CloudDay Italy, DevRelCon, Open Source... Read More →

Monday October 28, 2024 12:05 - 12:45 JST
Hall A (3)

CloudOpen

Audience Beginner

12:05 JST

Secure Code, Safe Future: Mastering Security in Critical Software Development - Liran Tal, Snyk

Monday October 28, 2024 12:05 - 12:45 JST

Main Hall

You do your best to build a quality product and ensure testability and maintainable code. However, code security issues require a different domain of expertise, and your last vulnerable line of code is your first security regret. Maybe you heard about OWASP Top 10, and just maybe you can spot an SQL injection but how do you scale and prioritize code security across your tech stack and your development team? How do you ship secure operational technology (OT) software for critical infrastructure? This task becomes even more difficult to balance with false positive alerts, struggles to find vulnerable C++ libraries statically compiled in your runtime, and bridging the growing security knowledge gap that results in developers writing insecure code. Tune in to learn about secure coding practices and techniques to produce high-quality secure software. Your takeaways from this session will be learning from practical real-world vulnerable code, secure dependency upgrade policies, leveraging SBOMs for vulnerability and package signals, and hands-on hacking demos. This session offers actionable strategies and real-world applications to help you safeguard your critical software projects.

Speakers

Liran Tal

Director of Developer Advocacy, Snyk

Liran Tal is a software developer, and a GitHub Star, world-recognized for his activism in open source communities and advancing web and Node.js security. He engages in security research through his work in the OpenJS Foundation and the Node.js ecosystem security WG, and further promotes... Read More →

Monday October 28, 2024 12:05 - 12:45 JST
Main Hall

Critical Software Summit

Audience Beginner

12:05 JST

Step by Step, What Should We Do for the Kernel Ecosystem? - Hirotaka Motai, Cybertrust Japan

Monday October 28, 2024 12:05 - 12:45 JST

Hall A (4)

The announcement that the kernel LTS period would be two years came as a shock to embedded Linux developers (especially in Japan). However, it was also the moment that they had been relying on the kernel maintainers.Hirotaka wondered what we could do for the maintainers who worked so hard to maintain the kernel LTS, and started "Linux Kernel LTS Study Group" in Japan.A number of issues came up, including those related to kernel testing, the product development period and LTS period, and upgrading kernel versions. In this session, he will share the summary of discussions with in-house kernel developers working in Japanese companies and some examples of Open Source projects that can help you solve them, and encourage what other in-house kernel developers or just user can do as a first step for the kernel community.

Speakers

Hirotaka Motai

Expert Engineer and OSPO staff, Cybertrust Japan

Hirotaka worked as an embedded software engineer for 20 years. Currently he works for Cybertrust Japan and develops Debian-based embedded Linux Distribution and technical services with his team. He is a member of the technical committees in the CIP project. He is also an OSPO staff... Read More →

Monday October 28, 2024 12:05 - 12:45 JST
Hall A (4)

LinuxCon

Audience Beginner

15:40 JST

Open Discussion on Understanding Cultural Differences When Approaching OSS - Daniel Izquierdo Cortázar, Bitergia; Ana Jiménez Santamaría, The Linux Foundation/TODO Group; Yuki Hattori, GitHub; Willem Jiang, ByteDance

Monday October 28, 2024 15:40 - 16:20 JST

Hall A (1)

This panel aims to provide lessons learned on cultural differences when approaching OSS communities. In the past, Willem and Daniel explored the differences between China and Spain. This time we are bringing Yuki Hattori, based in Japan, GitHub employee, and Ana Jiménez from the TODO group with a wide perspective on OSS projects around the world. We learned in the past about how Chinese society works [ring-based trusted networks] and barriers to effectively bringing people into Western based organizations and the other way around, how to effectively interact with more Chinese-based OSS projects. This time we would like to expand this discussion with Japanese concepts such as 'nemawashi' which is the practice of laying groundwork and building consensus before making proposals, 'uchi-soto' dynamics which is the distinction between 'insiders (uchi) and outsiders (soto) in social groups, and others. This panel will bring this discussion to the audience with practical advice on how to engage and onboard newcomers, while we are all learning together from each other.

Speakers

Willem Jiang

Principal Open Source Evangelist, ByteDance

Willem Jiang (Jiang Ning) is the principal Open Source Evangelist of ByteDance OSPO , and serves as a board director of the Apache Software Foundation. He has contributed to various Apache projects, including Camel, CXF, ServiceMix, and ServiceComb. Prior to joining ByteDance, Willem... Read More →

Daniel Izquierdo

CEO, Bitergia

Daniel Izquierdo is a researcher and co-founder of Bitergia and currently holding the position of CEO, he is focused on the quality of the data, research of new metrics, analysis and studies of interest for Bitergia customers via data mining and processing. Daniel earned a PhD in... Read More →

Ana Jimenez

Project Manager, Linux Foundation

Ana is a senior Project Manager at the Linux Foundation's TODO Group project, an open group of practitioners who want to collaborate on best practices and tools to effectively manage open source operations through Open Source Program Offices (OSPOs). Formerly she worked at Bitergia... Read More →

Yuki Hattori

Sr. Customer Success Architect, GitHub

Primarily provides technical support for GitHub's enterprise solutions. Actively promotes the adoption of GitHub Copilot.Additionally, focuses on introducing open source culture and practices into corporations, advocating for InnerSource to break down organizational silos. Through... Read More →

Monday October 28, 2024 15:40 - 16:20 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

17:30 JST

OSS Bird’s Eye View : a Comprehensive Picture of the Open - Taishi Yoneshima, Japan OSS Promotion Forum / NEC & Shinji Enoki, Japan OSS Promotion Forum / LibreOffice Japanese Team

Monday October 28, 2024 17:30 - 18:10 JST

Hall A (1)

“The OSS Bird’s Eye View” provides a comprehensive picture of the open source ecosystem. “The OSS Bird’s Eye View” is a tool for visualizing OSS projects, created by community within Japan. This diagram helps to understand the categories and trends of the OSS ecosystem. In this session, we will explain how to create the OSS Bird’s Eye View and how to use it. Also, by comparing past OSS Bird’s Eye Views, we will introduce what kind of transitions have occurred in OSS over the past 10 years, and show how the OSS Bird’s Eye View has deepened our understanding of the OSS ecosystem. This session is beneficial for all people who are beginners in OSS, community leaders, developers, researchers, educators, and those who want to utilize OSS in business. We look forward to your participation.

Speakers

Shinji Enoki

Japan OSS Promotion Forum / LibreOffice Japanese Team

Shinji Enoki ia member of the OSS Bird's Eye View team of the Japan OSS Promotion Forum. His other community activities are a member of the LibreOffice Japanese Team, a substitute member of Membership Committee of The Document Foundation, a volunteer staff of Japan UNIX Society, a... Read More →

Taishi Yoneshima

Leader / Assistant Manager, Japan OSS Promotion Forum / NEC

He is a leading member of the Open Source Program Office in NEC Corporation, and promoting OSS utilization and risk mitigation within the company, developing solutions related to SBOM and OSS security, and proposing secure utilization of OSS. He is a leader of Bird's-eye View WG of... Read More →

Monday October 28, 2024 17:30 - 18:10 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

11:10 JST

Monsters in the Deps: How to Protect Your AI/ML Systems from Supply Chain Attacks - Erin Glass & Patrick Smyth, Chainguard

Tuesday October 29, 2024 11:10 - 11:50 JST

Hall B (4)

Love developing AI/ML systems, but don’t want to become the next front-page cyberattack? We got you! In this fast-paced, meme-a-liscious, hands-on workshop, we’ll take a deep dive into the murky waters of the AI/ML supply chain, explore its many threats and terrors, and then – with our trusty box of supply chain security tools – build an island of safety for our AI/ML systems! Participants will come away with the skills and knowledge to significantly improve AI/ML supply chain security at their organization, as well as the unpleasant awareness about what might happen if the industry doesn’t do the same. Sorry! Hands-on activities will include vulnerability scanning, creating/consuming SBOMs/AIBOMs, digital signing using Sigstore tools, and provenance tracking. We will also provide a conceptual background on AI/ML supply chain components, attack categories, and global regulation and standards related to AI/ML security. Led by software supply chain and AI deployment experts at Chainguard, this workshop will enable participants to harden their AI/ML systems and evangelize others to do the same.

Speakers

Erin Glass

Senior Product Manager, Chainguard

Dr. Erin Glass is a product manager at Chainguard, where she focuses on supply chain security education and meme R&D. She has published widely in developer education and other digital topics, including the courses Securing the AI/ML Supply Chain and Painless Vulnerability Management... Read More →

Patrick Smyth

Staff Developer Relations Engineer, Chainguard

Dr. Patrick Smyth is Staff Developer Relations Engineer at Chainguard, where he shows developers how to deploy AI and other applications with 0 CVEs using Chainguard Images. Patrick has a PhD in the digital humanities and in a previous life led technical bootcamps for researchers... Read More →

Tuesday October 29, 2024 11:10 - 11:50 JST
Hall B (4)

AI_dev

Audience Beginner

11:10 JST

Surviving Project Abandonment: Meteor.js Case Study - Jan Dvorak, Literary Universe

Tuesday October 29, 2024 11:10 - 11:50 JST

Hall A (1)

When a project is abandoned by its inventors, core contributors, and the most prolific community members, it often spells the end. Yet, Meteor.js managed to rebound from the brink of oblivion. This talk explores the critical factors that led to Meteor's fall from being one of the hottest new projects to its near-demise and the remarkable turnaround. We'll delve into the issues that created the crisis, and more importantly, the strategies and actions that enabled a successful comeback. The discussion will cover the pivotal errors that contributed to the project's initial decline and the challenges faced by the community in reviving Meteor, including the lack of comprehensive internal documentation. We will examine the solutions that facilitated the recovery, while also addressing the ongoing challenges and unresolved issues within the Meteor community. Finally, we will explore practical steps and tools you can employ to safeguard your own open-source projects from similar pitfalls.

Speakers

Jan Dvorak

Founder & CEO, Literary Universe

Born in Prague, Czechia, Jan finished his Masters in IT at Rochester Institute of Technology in 2016 and shortly thereafter became involved in the Meteor.js community and OSS in general. Since then, he has been increasingly involved in OSS (Meteor in particular) as a contributor... Read More →

Tuesday October 29, 2024 11:10 - 11:50 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

12:00 JST

Volvo Cars' OSPO Journey - Drive OSS Maturity Level - Mary (Meixia) Wang, Volvo Car Corporation

Tuesday October 29, 2024 12:00 - 12:40 JST

Hall B (3)

we would like to share with audience about volvo cars' open source journey, and how we drive open source maturity within Volvo Cars.

Speakers

Meixia Wang

Director of Open Source Ecosystem, Volvo Car Corporation

Mary Wang is the Director of Open Source Ecosystem of Volvo Car Corporation. Her professional accomplishments include initiating open source project, forming and built OSPO for Volvo Cars. Before this, Mary was a subject matter expert configuration manager and was responsible for... Read More →

Tuesday October 29, 2024 12:00 - 12:40 JST
Hall B (3)

Automotive Linux Summit

Audience Beginner

12:00 JST

A Case Study in API Cost of Running Analytics in the Cloud at Scale with an Open-Source Data Stack - Bin Fan & Hope Wang, Alluxio

Tuesday October 29, 2024 12:00 - 12:40 JST

Hall A (3)

The migration of data-intensive analytics applications to cloud-native environments promises enhanced scalability and flexibility but introduces complex cost models that pose new challenges to traditional optimization strategies. While on-premises setups focused on speed, cloud deployments require a more nuanced approach, factoring in cloud storage operations costs, which can escalate rapidly in real-world scenarios. In this presentation, Bin will analyze these challenges through a case study on Uber's large deployment analytics SQL platform on HDFS and GCS. They will show their findings of unexpected cost implications with standard I/O optimizations like table scans, filters, and broadcast joins when implemented in cloud environments. He will also highlight the need for a paradigm shift in optimizing data-intensive applications for the cloud and advocate for developing new I/O strategies, balancing performance and costs while tailored to cloud ecosystems' unique demands.

Speakers

Hope Wang

Developer Advocate, Alluxio

Hope Wang is a Presto Contributor and a Developer Advocate at Alluxio. She has a decade of experience in Data, AI, and Cloud. An open-source contributor to PrestoDB, Trino, and Alluxio, she currently works at Alluxio as a developer advocate and previously worked in venture capital... Read More →

Bin Fan

VP of Technology, Alluxio

Bin Fan is the founding engineer and VP of Technology at Alluxio, Inc. Prior to Alluxio, he worked for Google to build the next-generation storage infrastructure. Bin received his Ph.D. in Computer Science from Carnegie Mellon University on the design and implementation of distributed... Read More →

Tuesday October 29, 2024 12:00 - 12:40 JST
Hall A (3)

CloudOpen

Audience Beginner

14:00 JST

Building a Thriving Open-Source AI Community with LF AI & Data Foundation - Vini Jaiswal, TikTok

Tuesday October 29, 2024 14:00 - 14:40 JST

Hall B (4)

Ever feel like contributing to groundbreaking AI projects but unsure where to start? Have a cool project that you are looking to find a neutral entity for? Through the session learn how the LF AI & Data foundation empowers open-source projects. Discover the framework to support for open development, governance models, and resources like legal assistance, marketing, and events. Gain exclusive updates from the LF AI and Data Technical Advisory Council (TAC). Learn about their vision, technical roadmap, success stories and how you can contribute. The session will cover practical tips and tricks to dive into project contributions, navigate the initiation process, and ultimately guide you towards project graduation. Also discover the diverse work streams within LF AI and Data foundation and how you can leverage your skills to make a real difference in the open-source AI community.

Speakers

Vini Jaiswal

Chair of Technical Advisory Council, Linux Foundation AI & Data

Vini Jaiswal is a renowned expert in AI and Data, acclaimed for her significant contributions to Apache Spark, MLflow, PrivacyGo and, notably, Delta Lake. Holding pivotal roles such as Chair of the Technical Advisory Committee (TAC) at Linux Foundation Data and AI, Governing Board... Read More →

Tuesday October 29, 2024 14:00 - 14:40 JST
Hall B (4)

AI_dev

Audience Beginner

14:00 JST

Empowering Growth: The Community-Driven Roadmap for Open Source Companies - Khushboo Verma, Appwrite

Tuesday October 29, 2024 14:00 - 14:40 JST

Hall A (1)

Are you struggling to scale your open-source product? You're not alone. Traditional business models don't always fit the community-driven world of open source. Join me in this talk as we explore the essential components of a community-driven roadmap for open-source companies. We will discuss the importance of inclusivity, clear communication, and creating a welcoming environment for contributors through engaging initiatives and effective use of platforms. We will evaluate different options for community platforms and explore how community appreciation initiatives like awards and giveaways can be more than just token gestures, serving as powerful tools to incentivise participation and foster a sense of appreciation among community members. Moreover, we'll discuss the art of incorporating valuable feedback from the community into the development process, leading to more robust projects and a shared sense of ownership. Drawing on real-world examples and experiences, this talk will equip you with actionable insights to chart a course for your open-source company's success through a community-driven approach.

Speakers

Khushboo Verma

Platform Engineer, Appwrite

Khushboo is a Software Engineer and is passionate about technology and building communities. She has previously worked at Microsoft and Adobe. Having a passion for public speaking, she has delivered talks at over 100 events, including Microsoft Build and PyCon India and has a solid... Read More →

Tuesday October 29, 2024 14:00 - 14:40 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

14:50 JST

Building Better CI/CD Pipelines with Buildpacks - Unnati Mishra, VMware by Broadcom & Akshat Khanna, Astuto.ai

Tuesday October 29, 2024 14:50 - 15:30 JST

Hall A (2)

Imagine a world where the hassles of configuring dependencies disappear, replaced by a streamlined and automated process. Buildpacks enable developers to focus on writing code instead of dealing with complex configurations. This session will unveil the secrets of Buildpacks, highlighting their capacity to seamlessly manage various languages, frameworks, and runtime environments. Discover how Buildpacks revolutionize your development pipeline, fostering consistency and efficiency. A sneak peek to our session: *Core principles & benefits of Buildpacks *Application packaging/deployment *Using Buildpacks to enhance collab across development teams Whether you're a seasoned CI/CD practitioner or a DevOps enthusiast, this session equips you with the knowledge to transform software development with Buildpacks. Join us to explore the exciting future and the impact of Buildpacks on the CI/CD landscape.

Speakers

Unnati Mishra

R&D Engineer Software 2, VMware by Broadcom

Unnati is working as a R&D Engineer Software 2 at VMware by Broadcom, India. Currently working with the Release Engg team of the Tanzu Kubernetes Grid. She has been active in Open Source community since 2019 and has also participated in many Hackathons, bagging prizes in few of them... Read More →

Akshat Khanna

Software Development Engineer 2, Angel One

Akshat Khanna is currently working as SDE 2, building Angel One Stock Trading Platform and previously worked as MTS 2 at VMware Tanzu. He has been working on Kubernetes solution for the edge and also actively contributing to open-source. He has good experience of developing products... Read More →

Tuesday October 29, 2024 14:50 - 15:30 JST
Hall A (2)

ContainerCon

Audience Beginner

14:50 JST

Secure and Encrypted Boot in Zephyr RTOS - Parthiban N, Linumiz

Tuesday October 29, 2024 14:50 - 15:30 JST

Meeting Room 1

MCUboot enables secure booting of Zephyr RTOS using asymmetric cryptographic signature verification with a public key. Typically, the hash of the public key is embedded within the MCUboot binary, ensuring its integrity. For enhanced tamper protection, this hash can also be securely stored and retrieved using hardware keys. Embedded SoCs, such as the i.MX RT, offer advanced security features like High Assurance Boot (HAB), Data Co-Processor (DCP), and Trusted Firmware-M (TF-M) for implementing TrustZone in SoCs like the nRF91. These features enable secure storage with hardware crypto acceleration or external security modules (e.g., TPM, EdgeLock) to store keys in a hardware vault. This presentation will explore MCUboot secure booting with hardware keys, using the NXP i.MX RT as an example. We'll delve into HAB for booting signed and encrypted MCUboot, establishing a hardware root of trust, and booting Zephyr RTOS using keys from OTP for verification. Additionally, we'll discuss using the TF-M backend and OTP for securely booting TrustZone-enabled SoCs.

Speakers

Parthiban

Engineer, Linumiz

With over 14 years of experience in software engineering, Parthiban founded Linumiz, a company that provides domain-neutral software services for U-Boot, Linux, and Zephyr, ranging from board bringup, board supported package, customization, device drivers, to over the air software... Read More →

Tuesday October 29, 2024 14:50 - 15:30 JST
Meeting Room 1

Embedded IoT Summit

Audience Beginner

14:50 JST

How to Make Open Source Work for Your Career - Sujata Tibrewala, Bytedance

Tuesday October 29, 2024 14:50 - 15:30 JST

Hall A (1)

If you're seeking visibility and recognition for your merits, there's no better place than open source to invest your time and energy. As the saying goes, 99% of bright minds are outside of your organization. Thus, by engaging with the right open source community, you increase your chances of collaborating with them. In this session, we'll discuss how you can leverage the visibility and relationships you cultivate in open source to secure your next job or achieve your career goals, whether it's transitioning into new technology, advancing in your current field, or refining your leadership skills.

Speakers

Sujata Tibrewala

Open Source Community and Ecosystems manager, Bytedance

Sujata leads a cross-functional, forum of open source leaders to ensure Alignment and a positive presence in communities for their 50+ Open source projects. She has grown developers' communities from scratch from 0 to thousands into vendor-neutral communities like Linux Foundation... Read More →

Tuesday October 29, 2024 14:50 - 15:30 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

15:50 JST

What I Learned from Participating in the Kubernetes Upstream Community - Akihito Inou, NEC Solution Innovators, Ltd.

Tuesday October 29, 2024 15:50 - 16:30 JST

Hall A (1)

What are the advantages of using OSS? - Is it because it is free to use? - Is it because you can start using the latest features? - Is it because everyone else is using it? I believe all of these reasons are correct, but the value becomes even greater by not only using OSS but also engaging more deeply with the OSS community. How should you handle bug fixes and feature additions when using OSS? - Should you maintain patches internally within the company? - Should you modify the source code to implement unique features internally since it is open source? The best practice in the OSS world is to participate in the OSS community and address these issues within the community. In this session, I will share the value of using the OSS community and talk about easy ways to get started with community activities. I will also share tips for engaging with the community. Additionally, I will introduce the CNCJ(Cloud Native Community Japan), which was established to be more active to the cloud-native community in Japan, and training for participating the Kubernetes community which is subchapter of CNCJ.

Speakers

Akihito Inoh

Manager, NEC Solution Innovators, Ltd.

Akihito is a software engineer focus on OSS container technology like a Kubernetes and is forcusing to Cluster Lifecycle and Contributor Experience of Kubernetes mainly.Before that, he joined project for deploying IaaS service with OpenStack.

Tuesday October 29, 2024 15:50 - 16:30 JST
Hall A (1)

Open Source Leadership Summit

Audience Beginner

15:50 JST

The Dark Side of AI: The Hidden Risks in Open-Source AI Models - Tal Folkman, Checkmarx

Tuesday October 29, 2024 15:50 - 16:30 JST

Main Hall

Explore the dark side of powerful AI tools and the burning question: Are they truly secure? Join me as we unravel the construction of AI models, focusing on their weak spots. Through multiple demos, witness how AI models can be manipulated to become malicious. This session offers a deep dive into a case study on the "Malicious Copilot" IDE plugin will showcase how a code-completion model can be trained to target specific victims, embedding malicious code within models, and more. Additionally, we'll tackle practical takeaways for companies utilizing generative AI and LLMs.

Speakers

Tal Folkman

Security Research Team Lead, Checkmarx

Tal Folkman is a seasoned senior malware researcher and accomplished expert in cybersecurity with over 8 years of experience in the field. Tal possesses exceptional skills in detecting and analyzing malicious code present in open-source software supply chains.In 2021, Tal joined Dustico... Read More →

Tuesday October 29, 2024 15:50 - 16:30 JST
Main Hall

SupplyChainSecurityCon

Audience Beginner