The attack, which followed other well-known cybersecurity incidents involving open source software like Heartbleed, Shellshock, and Log4j, was another stark reminder that open source software, given how widespread it is, can pose significant security risks.

At TechCrunch Disrupt 2024, Bogomil Balkansky, partner at Sequoia Capital; Aeva Black, the section chief for open source security at the U.S. Cybersecurity and Infrastructure Security Agency; and Luis Villa, the co-founder of Tidelift, sat down to discuss the challenges of securing open source software.