From Compliance to Community: Meeting CRA Requirements Together

What's in the SOSS? An OpenSSF Podcast
29/07/2025 31 min Temporada 2 Episodio 13
From Compliance to Community: Meeting CRA Requirements Together

Listen "From Compliance to Community: Meeting CRA Requirements Together"

Descargar episodio

Episode Synopsis

In this episode of 'What's in the SOSS” CRob dives deep into the Erlang ecosystem with Jonatan Männchen (CISO, Erlang Ecosystem Foundation), Ulf (Product Owner, Herrmann Ultraschall), and Michael Winser (Alpha Omega). This episode explores the critical importance of security in open source, particularly in light of regulations like the CRA. Hear how the Erlang community is proactively addressing security concerns by bringing in experts, fostering collaboration, and building trust. Discover why manufacturers are investing in upstream projects and how other ecosystems can learn from their approach. This conversation highlights the value of community, transparency, and the essential role of 'stewards' in the open source world.Chapters:00:17 - Welcome00:57 - Meet the Guests02:56 - Jonatan’s Journey into Erlang06:16 - The Alpha Omega Connection09:07 - Ulf’s Perspective as a Product Manager13:09 - Funding Security in Open Source18:58 - Challenges in Implementing Security24:54 - Becoming a CNA and Normalizing Security28:18 - Jonatan’s role as CISO32:01 - Calls to Action & Advice36:49 - Wrap UpEpisode links:Jonatan Männchen LinkedIn pageUlf Riehm LinkedIn pageMichael Winser LinkedIn pageGet involved with the OpenSSFSubscribe to the OpenSSF newsletterFollow the OpenSSF on LinkedIn

More episodes of the podcast What's in the SOSS? An OpenSSF Podcast

Securing the Future: AI, Open Source, and Collaboration with Jay White (Microsoft) 02/12/2025
SBOM Chaos and Software Sovereignty: The Hidden Challenges Facing Open Source with Stephanie Domas (Canonical) 19/11/2025
A Deep Dive into the Open Source Project Security (OSPS) Baseline 04/11/2025
Building Trust in Open Source: Seth Larson's Journey from Maintainer to Security Leader 21/10/2025
New Education Course: Secure AI/ML-Driven Software Development (LFEL1012) with David A. Wheeler 16/10/2025
The Remediation Revolution: How AI Agents Are Transforming Open Source Security with John Amaral of Root.io 07/10/2025
From Manager to Open Source Security Pioneer: Kate Stewart's Journey Through SBOM, Safety, and the Zephyr Project 23/09/2025
Racing Against Quantum: The Urgent Migration to Post-Quantum Cryptography with KeyFactor's Crypto Experts 09/09/2025
Securing AI: A Conversation with Sarah Evans on OpenSSF's AI/ML Initiatives 26/08/2025
Open Source Security: OSTIF's 10-Year Journey of Collaborative Audits 12/08/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA