Challenges in Open Source Application Security – Shubhra Kar – ASW #163

Open Source is the new mainstream of software development. However not much attention is paid on security in the upstream community for creating robust and secure software. At the LF, we are working on some initiatives and tools to help bridge the gap between functional and secure code, so that the benefits flow downstream to all users of OSS. Visit for all the latest episodes!

Full Episode Show Notes

Challenges in Open Source Application Security


Shubhra Kar

Shubhra Kar – Global CTO and GM of Products & IT at The Linux Foundation


Shubhra is a passionate technology leader with over twenty years of experience in open source, cloud, enterprise architecture, DevOps, IoT and Realtime Monitoring and Analytics. Shubhra’s career spans early stage startups to NASDAQ-listed companies generating nearly $10B+ in annual revenue. He is a bottoms up Product leader, with previous lives of developer, enterprise architect, management consultant, pre-sales director, and chief evangelist before finding his calling in product management. At the Linux foundation, Shubhra created the LFX platform with services for every stage of the open source supply chain. He also runs the Cloud and Release engineering team serving 700 open source projects

He came to the Linux Foundation from Joyent/Samsung, where as VP of Products, he ran multiple product lines – primarily services like Multi-Cloud Kubernetes, Machine Learning, Serverless and Monitoring/Analytics/Logging/Tracing. Previous to Samsung, Shubhra served as VP of Product and Marketing at startups like InfluxData (#1 Time Series platform in the world) and StrongLoop (acquired by IBM) and is also the current Marketing Chair of the Node.js Foundation. He has also held management and technical leadership positions at CA Technologies and Infosys (India’s first startup to bluechip success story).


John Kinsella

John Kinsella – Co-founder & CTO at Cysense


John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square


Mike Shema is the Product Security Lead of Square


  • CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit to take the survey

  • InfoSec World 2021 is proud to announce its keynote lineup for this year’s in-person event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on world pass and main conference registration! Visit to register now!