Agenda Thursday track two – Nordic Software Security Summit

Oct 2

8:30-9:00

Conference registration

9:00-9:15

Introduction and Welcome

Olle E. Johansson, Edvina.net

9:15-10:30

Keynote

FIlipe Jones Moreau, Eu Commission
Shared with track 2

10:00-10:30

Navigating the Cyber Resilience Act: From Open Source Dependencies to Secure Product Updates

Sal Kimmich
Shared with track 2

10:30-11:00

Break

“Fika” in the conference center

11:00-11:30

What would an ideal OSS Steward look like?

Salve Nielsen, volunteer in the CPAN Security Group

11:30-12:00

Continuous compliance through automated audits

Baldvin Gislason Bern, Axis Communications

12:00-12:30

The CI/CD Damn Vulnerable Project: Learning Pipeline Security Through Magic

Fatin Sirat, Security Researcher

12:30-13:30

Lunch

13:30-14:00

How to talk with your lawyer

Jimmy Ahlberg, Ericsson

14:00-14:30

PURL: The naming of packages is a difficult matter

Philippe Ombredanne, AboutCode.org

14:30-15:00

Using OWASP SAMM for CRA compliance

Maxim Beale, Toreon

15:00-15:30

Afternoon Break

Conference hall B + C

15:30-16:00

Patrik Fältström

Shared with track 1

16:00-17:00

Panel discussion

Time for questions from the audience
Shared with track 1

One day training and two day conference covering the coming legislation on the software industry

✦ October 1-3, 2025

✦ Hotel Birger Jarl, Stockholm, Sweden

✦ Early bird pricing to Aug 1st!

Partners 2025
Cybernode.se
Dataföreningen Väst
NCC-SE
Eclipse Foundation
ORCWG
OpenSSF
OWASP
SIG Security