Listen to the latest episode of the Secure Developer podcastListen now


Outcomes from the Open Security Summit 2018

June 13, 2018

Outcomes from the Open Security Summit 2018
The DevSecCon Team
The DevSecCon Team

Five packed days of intensive yet enjoyable collaboration have just come to a close! Hear what some of the attendees had to say and take a look at some of the outcomesreactions and photos.

The Summit has been an amazing event, many ideas have been shared and concrete outcomes for the overall community have been created by all participants. As mentioned in our last blog, the DevSecOps track was most important to ourselves – and here are some of the highlights of this track’s outcomes:

Selected feedback from some of our fellow OSS attendees

The summit is one of the best events to share knowledge with fellow peers and learn new things by working on cool projects. Because the technologies are evolving so fast it is really important to keep talking and discussing with people from the infosec community!
The DevSecOps track organized by Imran A. Mohammed is my favourite and the sessions for DevSecOps Studio I liked the most because here we teach people how to start with DevSecOps principles and how to create pipelines for example. The outcome is that we are going to work on it and improve it to make it even better and easier for the attendees.

Dominik de Smit

The summit is a great opportunity to work together on open source security projects which have a huge impact.

Timo Pagel, DevSecOps Consultant


I’d like to say thank you to everyone involved in organising the Open Security Summit, the sessions I attended on Wednesday (‘OWASP DevSecOps Studio’, ‘Creating Appsec metrics and visualisation’ and ‘secureCodeBox – How to improve your CI/CD pipeline with automated security tests’) were excellent. I found them well run and very informative and I’ve got a couple of good things to take away with me. If I’m able to attend the next Open Security Summit, I’ll certainly stay for the week.

Martin Ford, Software Governance Lead


Thanks for all your hard work organisers! I really enjoyed the summit. I must admit I was nervous about the format – when you see such a lineup of participants it can be intimidating! That being said, a couple of things helped me get over that nervousness – no company or title on the badges – meant if I didn’t know someone I wasn’t immediately thinking about how they were a CISO/Author/leader/ Influencer etc etc. I also really appreciated the way the rooms were laid out – I think this also helped it feel collaborative. However, whilst the facilitators were all incredibly hard working I think it may have been easy for some of them to get lost in the conversation with those that were familiar to them/ had loud voices. I felt in some sessions it was hard (IMHO) for those that were quieter to speak up and I’m not sure the facilitators always realised :disappointed: – This is so hard though – my advice would be to take a second regularly within the session to check everyone who wants to contribute can. -> But this was not a common theme at all and in no way a criticism of the facilitators/moderators.
I very much appreciated the fact that there was such a diverse group of attendees with regards to experience. Being able to share in discussions from such well known/experienced people was amazing, but my favourite was that they were listening and absorbing from those earlier on in their journeys. – This says a lot about our industry! I would definitely come back, I learnt a huge amount and have so much to think about going forward. LOVED that there was a Women In Tech Villa – have lots of ideas for some things we can do with this next year!
Thanks again everyone!

Tash Norris


This was also my first OSS. Great venue, food and accommodation – Center Parks is a perfect location and you’re away from London and the temptation of just going into the office. Some great sessions too – I have learned a huge amount that will be useful in my future work and have really enjoyed listening to some of the inspirational speakers.
I found the schedule quite difficult to navigate – I was unsure what I should join and found it difficult to plan in advance what I was going to do for the week. Perhaps a good way of scheduling would be to have the morning and first afternoon sessions as fixed (product sessions, presentations etc) then the late afternoon sessions more fluid and easy for people to get together for discussions (or even just to have a coffee). Despite this I had a great time and will certainly be coming next year. Huge thanks to Dinis and the team for the enormous effort they have put into making this summit happen.

Chris Allen


I wasn’t sure what to expect at first as the format is different from what you typically see in security conferences. It definitely exceeded my expectations, and the collaborative nature of the sessions and speakers made it a real learning experience that I had never had at a security conference before. You’re not just being talked at, we’re actually building things together in small groups to solidify the leanings, and the fact you’re surrounded by such knowledgeable crowd from morning till late is a unique networking experience not based on sales but on knowledge sharing. It was a shame I couldn’t attend the whole week, but will definitely do so for next year. The point of improvement I’d call out is with regards to the remote sessions that though all sessions had a remote login link, not all were actually working. Please keep it going.

Mario Platt


This is an awesome event in almost every way. It’s user-generated, collaborative nature makes for a highly innovative and productive environment. Venue is fantastic. Really well organised (herding cats?) so huge props to everyone involved in putting it all together. I’d rather spend time at this than any other sec conf.
Things that IMHO could make it even better…
It’s a hugely productive week but also really intense. It felt to me like everyone was burnt out by Thursday. Last year we had an unofficial afternoon off on the Thu with the trip to Bletchley, and many commented on how they felt refreshed after that – altho it was a bit too late in the week. We are in the middle of a fantastic activity centre – why not encourage some people to go have a break and some fun Wednesday afternoon? Swimming, outdoor activities, or just chilling out?
But to reiterate – it was still fantastic just like last year. I’ll definitely be back

Chris Cooper


I’d never been to any sort of conference at all, let alone a tech one, so had no idea what to expect. My pre-flight briefing was that I was a “woman in tech” so I’d be fine, and I have to say that was a pretty fair statement. The nicest thing was how welcoming most people were – where I felt I didn’t understand something there were often 2 or 3 people who would offer to spend time with me to go through the basics – special mention here has to go to Stephanie, Matt, and Adam who gave up valuable food-eating or session time to go through things with me and help me with how I could apply the basics in my role back home. I also love that I have received slack and linkedin messages from people either asking for my notes or offering help/advice, it really makes me feel as though in those few days we built a little community, an OSSFamily perhaps?
For me there was a definite journey of personal growth, from feeling like a really small fish, to giving the final keynote speech – definitely a personal win, especially when told multiple times I should have given my talk earlier in the week! It’s really overwhelming to think that people thought I had something so valuable to share.
I learned a lot this week, not just about security and devsecops, and I really hope I can make it back soon.

Sara Davis



News & Updates
Open Source
Open Source Security
We use cookies to ensure you get the best experience on our website.Read Privacy Policy