We will keep this account up for now, but will not be actively monitoring or posting updates any more.

Twitter has always been an important platform to connect to our community, but it is sadly no longer a platform that we feel comfortable with and therefore we have decided to move away from X. Keep up to date with FOSS Security Campus on Mastodon and LinkedIn!.

Join millions who have switched to Grok.

We are sorry to announce that we have to cancel FOSS Security Campus in September. Please read our full statement here:

FOSS Security Campus brings a comprehensive program on #FOSS & #Opensource IT-Security to Berlin! Explore our schedule and get your ticket now!

At FOSS Security Campus, Mario Heiderich of @cure53berlin will lead a panel discussion to bring people from the #opensource and security bubble together, to learn where there are gaps between infosec and OSS, and where bridges need to be built.

At FOSS Security Campus @Hi_Fabienne and @mffap will share experiences building secure open source software, emphasizing developer engagement and the need for safety nets to ensure long-term software sustainability.

Our one-day training course by Peter Mosmans will cover understanding and applying automated security testing using open source tools, including integration in CI/CD pipelines. Tickets are limited — Register now!

Our full day training course by Stefan Grönke will sharpen your eyes for potential security vulnerabilities and teach strategies to design software with a security-in-depth mindset by developing a simple, yet resilient chat service. Register now!

Our two day workshop by @thomasfricke is about the technical and organisational aspects of building the processes necessary to implement a modern software factory with DevOps and Security aspects included. Register now, seats are limited!

This year at FOSS Security Campus, Jacek Marmuszewski will discuss Security headers, their importance, example attacks on unsafe apps, and mitigation options.

The inaugural edition of FOSS Security Campus features two days of in-depth security trainings, followed by a two day conference! Learn more on our website and register now!

At FOSS Security Campus, @ThiloFM & @jeremip will share their motivations and experiences of adding Supply Chain SBOM - SPDX and SLSA provenance - to an entire Linux distribution, and discuss usefulness and limitations for end users.

SBOMs are coming. But how can we use SBOMs to ensure we gain maximum benefit? At FOSS Seucurity Campus, Anthony Harrision will discuss the use cases where SBOMs can be used to deliver tangible benefit to an organisation.

A team of experts executed a security audit of Git, that resulted in the finding and fixing of multiple issues & improvements in automated security testing. At FOSS Security Campus, @ostifamir & @joernchen will discuss foundations, impact & lessons learned

We have an exciting lineup of talks & speakers for the inaugural edition of FOSS Security Campus! Explore our schedule and get your ticket now at our website:

FOSS Security Campus brings in-depth security trainings with a focus on Open Source by recognised experts to Berlin. Learn more about our courses and register now – seats are limited.

We have just been awarded a Gold Badge by the @CHAOSSproj DEI Badging Initiative! Learn more about our efforts towards Diversity & Inclusivity on our website:

Many C applications, often with histories going back decades, are vital parts of modern Linux systems; but often don't follow modern development or security practices. At FOSS Security Campus, @hanno will share experiences in modernizing an old codebase.

Do you know everything about the components you used to build your PHP application? At FOSS Security Campus, Sebastian Bergmann will cover topics from software supply chain security concerns to the funding of #opensource software.

At FOSS Security Campus, Mark Thomas will discuss 20+ years of vulnerability report handling in Tomcat — What went well, what went badly and what was an unmitigated disaster. Lots of lessons for anyone involved in vulnerability handling.