Yvan will talk about the pitfalls, challenges, and humour of running security in an open source project, including bug bounty programs, funny incidents, and bug reports. Along the way he will also share information that other teams can learn from and the value of being open and honest about security issues.