When you started building your application, did you fully understand the components you used? Who was responsible for figuring out the security implications of each framework and runtime? When evaluating each of these pieces, built by other humans just like us, which metrics were considered? These questions are addressed in the latest State of Open Source Security Report from Snyk. In this presentation, Patrick Debois will discuss the answers to these questions and help you see why security really boils down to human trust.