FOSS Security Campus

D&I Badging badge state: Gold



FOSS Security Campus, a new event focusing on IT security in the FOSS and open source sector will take place in Berlin, September 26-29th, 2023 for the first time. Topics include Open Source Supply Chains, Security Processes, Vulnerability Disclosure, Bug Bounties, Security by Design, Risk Mitigation and much more.

FOSS Security Campus comprises two days of full-day and multi-day training courses, followed by a two day conference.

An animated lock that is opening and closing

Follow or contact us!

…and join our Matrix-space

Subscribe to our newsletter!


FOSS Security Campus, a new event focusing on IT security in the FOSS and open source sector will take place in Berlin, September 26-29th, 2023 for the first time.

The two-day conference will feature a comprehensive conference program as well as discussion panels and workshops.

There will also be a two-day training program connected to the conference for backend developers in the cloud environment, DevOps engineers, and participants with an interest in networking topics. On the two days before the conference, the organizers will be offering full-day and multi-day training courses on the topics of open source and security using practical examples: What aspects need to be taken into account for scalable applications in the cloud as a whole, what possibilities are there for mitigating risks, especially in the supply chain area, when using open source software that are not possible with proprietary software?

The program is curated by an independent program committee of international experts. We are pleased to have Ian Coldwater, Ariadne Conill, fukami, Gregor Bransky, Lars Eilebrecht and Peter Rossbach as members of the program committee.

Our program is based on a call for papers. In particular, we are looking for submissions on the topics:

  • Open Source Supply Chain – What’s actually in my stack?
  • Open Source Security Processes – How do I recognize projects that have sensible security processes?
  • Vulnerability Disclosure – How do I disclose bugs to projects?
  • Bug Bounties, Zero Days, the problem with services
  • How to implement Security by Design.
  • Design for Audits

Co-founder Isabel Drost-Fromm says: “In a world where we stand on the shoulders of giants, where we build systems that are increasingly interconnected, supply chain security is becoming more and more important. I believe that as Free and Open Source projects, we can lead the way for the industry in terms of processes, best practices and technology patterns. I look forward to experts in this field coming together in Berlin to discuss the topic, collaborate and share their knowledge with the broader ecosystem.”

Thomas Fricke emphasizes the importance of the topic for the future viability of the IT industry: “Open source has been so successful that it has become ubiquitous. At the cost that no one has an overview of the security aspects of free and open source software anymore. This makes it all the more important to embed the principles of security by design deeply into development processes. Secure processes, secure architectures, secure code and secure operation must go hand in hand and become a general standard. We want to invite all experts to Berlin to discuss and raise the knowledge of open source security standards to a new level.”

As a first kick-off, the organizers will be on stage at the FOSS Backstage conference in Berlin on 13-14.03.2023.

Tickets for the conference and the IT training sessions are expected to go on sale in spring 2023. Online-only tickets will also be available for the conference.

FOSS Security Campus 2023 is co-funded by the European Union and the European Regional Development Fund (ERDF)