Æva Black

Æva Black

Null Point Studio

Æva Black is an international thought leader on open source software security, with over 25 years of experience building digital infrastructure, leading open source projects, and advising on cybersecurity policy.

— “Technical Luminary” — Wired

After leading OSS Security Programs first in the Azure Office of the CTO and then at the U.S. Cybersecurity & Infrastructure Agency, Æva founded Null Point Studio, a boutique cybersecurity consulting firm in the Netherlands, to continue supporting the sustainability and security of free and open source software.

— “child prodigy turned creative genius” — CISA

A veteran of the first dot-com bubble, Æva’s signature red-and-black aesthetic has darkened conference stages around the world since 2005. When not behind a computer screen, they can be found on a motorcycle or looking for new ways to support their local queer community.

Sessions

Security

Secure by Design? Discussion on Voluntary Security Attestations

Workshop
16. March 2026, 16:40 - 17:10
Wintergarten
With this discussion following the Chatham House Rule format, we wish to invite FOSS Backstage attendees to come together to explore how communities could issue risk-based attestations sufficient to reduce downstream compliance burdens in ways that support (rather than burden) open source communities.
Security

Can Open Source be Secure by Design?

Keynote
16. March 2026, 10:05 - 10:45
Auditorium
The tech Industry has relied heavily on Free and Open Source Software for 20 years but under-investing in its security and maintenance has increased global cybersecurity risk. Æva Black will reflect on this history and show how regulations could improve security across the ecosystem.