Recorded live from GitHub Universe 2025, this episode features Kevin Crosby (GitHub) on the GitHub Secure Open Source Fund and its impact on supply chain security. The fund has run three sessions supporting 130+ projects and 219 maintainers, helping detect and fix 1,100+ vulnerabilities across widely used open source. Crosby explains the $10K per-project, 12-month sprint/check-in model, how projects are selected, how maintainers build better security practices (including incident readiness), and what’s next, including fundraising and session four in early 2026, plus how partners and maintainers can get involved.

00:00 Live from GitHub Universe: Why Supply Chain Security Matters
00:42 The GitHub Secure Open Source Fund: What It Is & Early Impact
01:22 From Accelerator to Scale: Training, Funding, and Shared Responsibility
03:01 Maintainer Reality Check: Awareness, Preparedness & Security Basics
04:02 How the Funding Works: $10K per Project, Sprint Bootcamp & Check-ins
06:10 How Projects Get Selected: Referrals, Applications & Cohort Mix
07:55 AI for Open Source Security: Copilot, Scanning, Autofix & Fuzzing Wins
10:32 What’s Next: Scaling to Thousands of Projects + Session 4 in 2026
12:20 How to Get Involved: Partners, Sponsors Logistics, Links & Contact
13:37 Wrap-Up: Where to Apply and Final Thanks