This talk will discuss how to develop secure software through DevOps, including the use and securing of open source software (OSS). It will include specific actions you can take to develop secure software, as well as specific questions to ask when evaluating OSS. It will also discuss what the Open Source Security Foundation (OpenSSF) is and what it's doing to improve the security of the OSS we all depend on.