Open Source Summit
AI Vulnerability Surge Tests Software Supply Chains | Open Source Summit 2026
12m
Mike Vizard talks with Brian Fox of Sonatype about why AI-assisted vulnerability discovery could create a rapid surge of software supply chain risk. Fox explains that attackers and defenders can now use advanced models to find flaws faster, which could lead to exploit timelines that outpace traditional patching, triage and dependency management processes. The conversation also explores package registry sustainability, organizational bills of materials and why teams should run tabletop exercises to prepare for multiple Log4Shell-scale events in compressed timeframes.