Katherine Druckman

Join us for "Taming the Chaos: What's Next in Engineering?" where top tech leaders discuss strategies to streamline development and anticipate future shifts in the realms of open source and AI. This panel, featuring luminaries like Kelsey Hightower, Michael Stahnke (VP Eng at Flox, ex VP at Circle CI), Katherine Druckman (Open Source Security @ Intel) and Ron Efroni (Founder of Flox), will explore effective ways to manage the growing complexity in tech stacks and highlight how AI, open source, and security trends are shaping the future of engineering.

As generative AI moves into production, developers face unprecedented security challenges beyond traditional approaches. This session examines how groups like OpenSSF and OPEA are developing frameworks and best practices for GenAI security. Learn about emerging threat taxonomies, practical security patterns, and community-driven initiatives addressing concerns from prompt injection to model supply chain security. Gain insights into work-in-progress standards being shaped by open source collaboration, and discover how to apply these evolving best practices to secure your GenAI applications.

In this talk you will learn how to navigate the CNCF Landscape to find information about our projects. You will learn how to search by category & maturity, and understand how organizations use these projects in production. The goal is for you to be confident in your ability to traverse the landscape so the next time you "go to the website" you will find what you need.

Finding one's voice in the open source community can be a transformative journey, particularly for underrepresented groups. In this engaging talk, Katherine, an experienced open source evangelist, developer, and established podcaster, will share her 15+ year open source journey and how podcasting played a significant role in her advocacy and personal growth. Attendees will learn how to embrace their diverse backgrounds and experiences to empower and amplify their messages through podcasting for open source audiences.

This talk will dive into the key considerations for securely consuming open source software. Attendees will learn to evaluate projects based on active maintenance, patch cycles, and vulnerability management. We will explore the role of project documentation, code contribution expectations, and community involvement in project maturity and code quality. The talk will also cover challenges in consuming open source software, the benefits of utilizing tooling and static analysis, and important developments in the open source security community.