OpenSSF Community Day Japan 2025
June 18, 2025 | Tokyo, Japan
Wednesday June 18, 2025 14:45 - 15:00 JST
Open source security faces growing risks from dependency vulnerabilities, leaked secrets, insecure AI-generated code, and supply chain attacks. In this talk, I will demonstrate how to use open source tools like Trivy, Grype, Gitleaks, and Trufflehog to scan dependencies and detect exposed secrets.

I will explain how to build and maintain a Software Bill of Materials (SBOM) to protect codebases and organizational assets. Using real-world case studies—Trufflehog’s discovery of 12,000+ live API keys in AI training data, the Rabbit R1 credential exposure, and supply chain incidents in the US and Japan—I will show the impact of poor code security practices.

A live demo will highlight how AI models trained on insecure code can propagate vulnerabilities. Attendees will leave with practical techniques for scanning codebases, securing their development pipelines, and preventing the next generation of supply chain threats.
Speakers
Arpit Jain

Security Researcher | Open Source Contributor, Independent Security Researcher
Arpit Jain is a security researcher and active open source contributor, focusing on supply chain security, secure coding, and ethical AI. He has contributed security patches to multiple open source projects on GitHub. Arpit’s mission is to help new engineers gain visibility in the...
Wednesday June 18, 2025 14:45 - 15:00 JST
Apollon A