Articles / Presentations


I wrote the chapter on Open Source Security and Compliance for the O’Reilly Book “97 Things Every Information Security Professional Should Know”

Best Practices and Pitfalls for Using Open Source Components in Fintech (Snyk webinar)

Open source in FSI: more leverage, less risk (warning Pandemic Haircut!!!)

“Just Enough Open Source: A kick start on security, license compliance, and business model” – Open Source 101 Conference, March 30 2021

Open Source Licensing: Types, Strategies and Compliance (All Things Open 2020)

The last 15 years of OSS compliance, current trends and the future (Open Core Summit 2020)

OpenChain: 15 Years in Open Source Compliance

ITProPortal: How to measure readiness for OSS vulnerabilities

The State of Open Source Software (OSS): 2016 Year in Review

2015 Year in Review The State of Open Source Software (OSS)

financialit: OSS Compliance in Banking and Finance

OSSF 2018 – Jeff Luszcz of Flexera – Common Open Source Intake Issues and How to Resolve Them

OSSF 2018 – Jeff Luszcz of Flexera – Day 2 – Open Source Culture, Standards, Risks, and Remediation: A Deep Dive

Automotive World: Understanding Open Source Software and automotive safety certifications

ITProPortal: OSS and third-party security risk: Lessons for IoT businesses

Linuxfest Northwest 2016: Securing Zombie code in your software

Linuxfest Northwest 2016: You’re Using Open Source, but are you respecting it?

Americas Business: Software CEO’s Unfamiliarity with Open Source and Third-party Use Places Banking and Financial Sector Businesses at Risk

Global Banking and Finance Review Magazine: Software CEO’s Unfamiliarity with Open Source and Third-party Use Places Banking and Financial Sector Businesses at Risk

DZone: Think Open-Source Software Is Free? Think Again…
Take control of the OSS in your product infrastructure and learn how to be a responsible user of open source software.

Network Security Newsletter: Apache Struts 2: how technical and development gaps caused the Equifax Breach

Five steps to managing Open Source Software vulnerability and license management

Open Source Adoption in Enterprises – The Risks, and How to Mitigate

Open Source Strategy Forum: Managing the Software Supply Chain Policies that Promote Innovation While Optimizing Security and Compliance

DZone: Open Source Lessons for IoT Companies

ITProPortal: Hackers “strut” in again at Equifax… What stopped the patch?

IDG Connect: The business rationale for an open source software internal audit

CLE Credit from The Knowledge Group: Open Source Software & the Technical Due Diligence Process

Creating An Environment for “Continuous Compliance” within Open Source Software (with Martin Callinan)

Software Testing News: Why should we care about cutting and pasting open source code?

There’s A New Struts 2 Vulnerability, Take Heed

DZone: Helping Make Open Source Secure, Compliant, and Sustainable With Jeff Luszcz of Flexera [Audio]

2018-06 Open Source Software – Implications for Internal Audit

DZone: A Conversation With Jeff Luszcz

Webinar: Don’t Let Hackers Breach Your Data – Lessons learned from Apache Struts2, Heartbleed and Wannacry

Ignoring Open Source Components is Making Security Software Insecure