{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifmo3bya7jmc3wwpbpnlr6viy75qbmp4orcermbnjsdhknydldbce",
    "uri": "at://did:plc:gapzbf5nl5wxaqkqoecaeawh/app.bsky.feed.post/3mjpsy5qmwhv2"
  },
  "path": "/the-open-source-trap-why-trust-isnt-a-security-strategy/",
  "publishedAt": "2026-04-17T17:27:28.000Z",
  "site": "https://devops.com",
  "tags": [
    "Video Interviews",
    "AI code review",
    "Anchore",
    "devsecops",
    "XZ Utils backdoor"
  ],
  "textContent": "The XZ Utils backdoor was a wake-up call, but the underlying problem it exposed has not gone away. Sophisticated adversaries are playing the long game, spending months or years earning trust within open source projects before introducing malicious code into libraries that sit at the foundation of modern software infrastructure. Mike Vizard and Josh Bressers, […]",
  "title": "The Open Source Trap: Why Trust Isn’t a Security Strategy"
}