Community Tech Meetup

Promoting TECHSynergy

Solutions for Software Supply Chain Security and Crypto Agility

26 September 2024, Stockholm

Meet our experts and learn about Keyfactor's open-source tech and our eco-system integrations
Join the Conversation #communitytechmeetup

Community Tech Meetup banner image

About the Community Tech Meetup

We are thrilled to announce the third annual Keyfactor Community Tech Meetup, inviting engineers and security specialists from Stockholm, the Nordics and around the world. Prepare yourself for an immersive experience filled with engaging presentations, hands-on workshops, and demos.

This exclusive one-day, in-person event offers a unique platform to explore the latest advancements in software supply chain security and crypto agility. We'll focus on cutting-edge concepts and solutions SBOMs, in-toto, attestation and on topics such as crypto agility, with a special emphasis on PQC migration scenarios and ecosystem integrations. Cryptography, Public Key Infrastructure (PKI), certificates, and digital signing form the foundational pillars of our discussions.

square image of Stockholm with the riverside in the foreground and a lovely sunsetting sky in the background

September 26 2024, 8:30 - 18:30

Epicenter, Stockholm

Mäster Samuelsgatan 36, Stockholm

How to get here: Stockholm public transport is accessible, affordable, and will get you wherever you want. If you prefer to drive, make sure you plan for traffic and research parking beforehand.

Our Sessions

Our exciting agenda is now live! Register today to secure your spot and stay tuned for more updates to come.

Securing Open Source, for Everyone | Keynote session by Omkhar Arasaratnam

Omkhar Arasaratnam, General Manager Open SSF

This Keynote explores the critical role of open source security and the initiatives of the Open Source Security Foundation (OpenSSF). As open source software becomes increasingly integral to global technology infrastructure, ensuring its security is paramount. The talk will cover the unique challenges open source projects face, such as widespread usage and diverse contributor bases, and how OpenSSF addresses these through collaborative efforts, best practices, and innovative tools. Attendees will gain insights into current open source security trends, the importance of community involvement, and practical steps to enhance the security of open source software in their own projects.

The Quantum Era: Updates on Quantum Readiness and Cryptographic Standards | Presentation by Tomas Gustavsson and David Hook

Tomas Gustavsson, Chief PKI Officer | David Hook, VP Software Engineering Bouncy Castle

This presentation shares the latest updates from renowned authorities such as NIST, BSI, IETF, and X.9. What is new regarding standardizations and other insights and guidelines for navigating the quantum landscape?

We will also explore the landscape of cryptographic protocols, formats, and standards that require adjustment to withstand the quantum onslaught, from TLS and CMS to other crucial cryptographic protocols.

PQC Crypto Agility and Hybrid Certificates, different formats, and migration strategies | Presentation by Tomas Gustavsson and David Hook

Tomas Gustavsson, Chief PKI Officer | David Hook, VP Software Engineering Bouncy Castle

This talk will cover hybrid cryptography within the context of post-quantum cryptography (PQC), exploring the rationale behind hybrid systems and their role in ensuring interoperability during migration and enhancing security against quantum threats.

We will discuss hybrid PKI, covering different suggested standards, their pros and cons, and contexts of use. Additionally, we will explore various PKI migration paths, offering strategies for different organizational needs. Organizations must navigate the quantum horizon with consideration of their unique circumstances.

Securing the Software Supply Chain: Industry-Standard Practices, Insights, and Getting Started | Presentation by Ben Dewberry, Sven Rajala and Christofer Vikström

Ben Dewberry, Product Manager, Signing and Key Management | Sven Rajala, International PKI Man of Mystery – PKI SME | Christofer Vikström, KTH Master Thesis Student

Ensuring the integrity and security of the software supply chain is crucial. This talk explores industry-standard practices like in-toto, SLSA, SBOMs, and SigStore Cosign, and their application to software development and distribution. We will also discuss leveraging the open-source signing software SignServer to fortify the software delivery process.

TechSynergy in Secure IoT Deployments: Secure Boot, Secure OTA, and Security in OPC/UA | Presentation by Andreas Philipp and Florian Handke

Andreas Philipp, Senior Business Development Manager, IoT | Florian Handke, Smart Production Engineer Campus Schwarzwald

This presentation explores collaborative efforts in the IoT ecosystem, highlighting partner use cases: Espressif Secure Boot v2, Mender Secure OTA with SignServer, and an Industrial Cybersecurity integrations with OPC-UA and EJBCA. We demonstrate deploying these solutions to fortify IoT infrastructures against security threats, emphasizing crypto agility and software supply chain security.

Bridging the Gap: Interoperability Testing of PQC PKI/EJBCA with HSMs | Presentation by Tomas Gustavsson

Tomas Gustavsson, chief PKI Officer

We discuss the outcomes of our interoperability testing between PQC PKI/EJBCA and Hardware Security Modules (HSMs).

HSMs are foundational for building a production-ready PKI.

Secure Software Supply Chain Workshop: Live Integrations | Workshop by Sven Rajala and Christofer Vikström

Sven Rajala, International PKI Man of Mystery – PKI SME | Christofer Vikström, KTH Master Thesis Student

Join our interactive workshop to learn the implementation of industry-standard practices like in-toto and Cosign with SignServer. Through practical examples, gain insights into fortifying software delivery against tampering and supply chain attacks. By the end, attendees will have the knowledge and tools to enhance the security and integrity of their software supply chains.

Quantum-Ready Workshop: Building Hybrid PKIs and Demonstrating Interoperability | Workshop by Tomas Gustavsson and David Hook

Tomas Gustavsson, Chief PKI Officer | David Hook, VP Software Engineering Bouncy Castle

Join us for an interactive workshop. We will delve into the practical aspects of building hybrid PKIs and seamlessly integrating quantum-safe cryptography into TLS.

The attendees will learn step-by-step procedures for setting up hybrid PKIs capable of issuing both classic and post-quantum certificates. We will then demonstrate interoperability with the OQS provider for OpenSSL3 and Bouncy Castle.

Ask me Anything About EJBCA | Presentation Henrik Sunmark, Mike Argenius Kushner and Magnus Normark

Henrik Sunmark, Senior Product Architect | Mike Argenius Kushner, Senior Product Architect | Magnus Normark, Senior Product Manager

Whether you’re a beginner or an experienced user, this session is your chance to get answers to your questions, share insights, and explore the capabilities of EJBCA. Our experts are here to provide guidance, discuss best practices, and help you maximize.

Ask me Anything About SignServer | Presentation Markus Kilås and Ben Dewberry

Markus Kilås, Senior Product Architect | Ben Dewberry, Product Manager, Signing and Key Management

Whether you’re new to SignServer or an experienced user, this session is your opportunity to ask questions, share experiences, and explore the capabilities of SignServer. Our team of experts is here to provide insights, offer guidance, and discuss best practices to help you leverage SignServer effectively in your projects. Join us for an interactive session where we’ll dive into the world of SignServer and explore its potential in secure digital signing.

Confimed Speakers

Discover our confirmed speakers, with more to come! Stay tuned for the full agenda reveal.

Omkhar Arasaratnam

General Manager Open SSF

Tomas Gustavsson

Chief PKI Officer, Keyfactor

Malin Ridelius

VP Community, Keyfactor

Admir Abdurahmanovic

SVP Strategy, Keyfactor

David Hook

VP Software Engineering, Crypto Workshop

Sven Rajala

Senior Solutions Engineer – PKI SME, Keyfactor

Eric Mizell

Field CTO and VP, Solution Engineering, Keyfactor

Save Your Seat. Space
Is Limited

Secure your spot now and pre-register to be the first to get news about the meetup

The Keyfactor Community Tech Meetup promises to be an informative and engaging event, bringing together experts and enthusiasts in cryptography, PKI, certificates, and digital signing. This is your chance to stay up to date with the latest advancements in the field, participate in meaningful discussions, and gain hands-on experience through workshops. Join us for an inspiring day of learning, networking, and collaboration, and be at the forefront of the evolving landscape of digital security. 

Frequently Asked Questions

Who attends the Community Tech Meetup?

  • Engineers and developers interested in cryptography, PKI, and digital security. 
  • Security specialists and professionals responsible for cyber security questions. 
  • Researchers and academics working in the field of cryptography and digital signatures. 
  • Technical IT managers seeking to enhance their organization’s security posture. 

What's on the agenda?

The agenda includes a mix of presentations, hands-on workshops, round table discussions and networking opportunities where you can connect with like-minded developers, architects and security and industry professionals, and other peers. We believe that this will be a day for exchanging ideas, forge new partnerships, and possibilities to expand your professional network. 

What's the timing?

What is it: One day and in-person event

Date: 26 September 2024

Timing: 8:30-18:30 including meals, coffee breaks, and After Work

Location: Epicenter, Mäster Samuelsgatan 36, Stockholm

Who do I contact for more information?

For additional information, please contact [email protected]   

Kindly be aware that registration for the Keyfactor Community Tech Meetup is binding. If you cannot make it, please let us know at [email protected] so that we can give your seat to another attendee.

What is the cost to attend?

Attending this event is complimentary.

Kindly be aware that registration for the Keyfactor Community Tech Meetup is binding. If you cannot make it, please let us know at [email protected] so that we can give your seat to another attendee.

Can I earn CPE's?

Your attendance at the Tech Meetup can give you up to 6 CPE’s.