Secure Software Starts with Awareness: Education & Open Source with the Council of Daves Artwork

What's in the SOSS? An OpenSSF Podcast

What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure.

Get a taste of all the ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments.

Each episode of What's in the SOSS? is packed with valuable insight designed to foster collaboration and promote stronger security practices for the open source software community.

About Christopher Robinson (aka CRob), host
CRob is a 43rd level Dungeon Master and a 26th level Securityologist. He is a leader within several Open Source Security Foundation (OpenSSF) efforts and is a frequent speaker on cyber, application, and open source security. He enjoys hats, herding cats, and moonlit walks on the beach.

All Episodes

What's in the SOSS? An OpenSSF Podcast

Secure Software Starts with Awareness: Education & Open Source with the Council of Daves

April 22, 2025 • OpenSSF • Season 3 • Episode 6

In this episode of What’s in the SOSS, host CRob is joined by the “Council of Daves” - Dr. David Wheeler of the OpenSSF and Dave Russo from Red Hat — for a deep dive into the intersection of secure software development and education. From their open source origin stories to the challenges of educating developers and managers alike, this conversation covers key initiatives like the LFD121 course, upcoming resources on the EU Cyber Resilience Act, and how AI is shifting the landscape.

Whether you're a developer, manager, or just open source curious, this is your crash course in why security training matters more than ever.

📚 Episode Chapters:

Intro & Meet the Council of Daves (0:16)
Open Source Origin Stories (1:22)
The Role of the Education SIG (4:05)
Why Secure Software Education Is Critical (6:30)
Inside the LFD121 Secure Development Course (8:01)
Training Managers on Secure SDLC Practices (12:24)
Why AI Makes Education More Important, Not Less (13:53)
What’s Next in Security Education: CRA 101 and More (16:04)
Rapid Fire Round: VI vs. EMACS, Tabs or Spaces & Mascots (20:20)
Final Thoughts & Call to Action (22:04)

Episode links: