Agenda Thursday track two

Oct 2

8:30-
9:00

Conference registration

9:00-
9:15

Introduction and Welcome

Olle E. Johansson, Edvina.net

9:15-
10:30

Keynote

FIlipe Jones Moreau, Eu Commission
Shared with track 2

10:00-
10:30

Navigating the Cyber Resilience Act: From Open Source Dependencies to Secure Product Updates

Sal Kimmich
Shared with track 2

10:30-
11:00

Break

“Fika” in the conference center

11:00-
11:30

What would an ideal OSS Steward look like?

Salve Nielsen, volunteer in the CPAN Security Group

11:30-
12:00

Continuous compliance through automated audits

Baldvin Gislason Bern, Axis Communications

12:00-
12:30

The CI/CD Damn Vulnerable Project: Learning Pipeline Security Through Magic

Fatin Sirat, Security Researcher

12:30-
13:30

Lunch

13:30-
14:00

How to talk with your lawyer

Jimmy Ahlberg, Ericsson

14:00-
14:30

PURL: The naming of packages is a difficult matter

Philippe Ombredanne, AboutCode.org

14:30-
15:00

Using OWASP SAMM for CRA compliance

Maxim Beale, Toreon

15:00-
15:30

Afternoon Break

Conference hall B + C

15:30-
16:00

To be announced

Patrik Fältström
Shared with track 1

16:00-
17:00

Panel discussion

Time for questions from the audience
Shared with track 1

One day training and two day conference covering the coming legislation on the software industry

✦ October 1-3, 2025

✦ Hotel Birger Jarl, Stockholm, Sweden

✦ Early bird pricing to Aug 1st!

Partners 2025
Cybernode.se
Dataföreningen Väst
NCC-SE
Eclipse Foundation
ORCWG
OpenSSF
OWASP
SIG Security

Oct 2

8:30-9:00

Conference registration

9:00-9:15

Introduction and Welcome

9:15-10:30