Dimitris Bougioukos

Application Security Services Lead @ Netcompany

Speaker's Bio

Dimitris is an experienced Cyber Security professional with a strong background in secure software development, cybersecurity governance, and risk management across both private and public sectors. With over a decade of experience, he has led the design and execution of enterprise-wide application security programs, embedding DevSecOps practices and advancing software supply chain security.
He is particularly passionate about enhancing the security of open source projects and fostering collaboration between developers and security practitioners to build more trustworthy software ecosystems.

Sponsor speech: On the Road to Cyber Resilience – Updates on the EU Cyber Resilience Act

The EU’s Cyber Resilience Act (CRA) has entered into force, but the road to full compliance runs through 2027 — and a lot is happening along the way.
This session offers a fast-paced technical update on where we are now: vulnerability reporting rules, open-source guidance, and the first steps toward harmonized standards.

Open-source software (OSS) is everywhere — from libraries and frameworks to the infrastructure that powers modern applications. But not every project is equally safe to use. Hidden risks such as outdated dependencies, weak governance, or supply chain attacks can make a seemingly useful project a liability. 

This workshop introduces participants to the core practices for evaluating the security of open-source projects. Through a mix of discussion and hands-on exercises, participants will learn how to assess the health of a project, spot red flags, and apply a systematic approach to deciding whether to adopt or trust an open source dependency.