Explore the impact of Log4shell on open source software security in this keynote address. Examine the watershed moment that forced security and IT teams to scramble during the holidays, patching vulnerabilities and identifying affected systems. Learn about the swift government response and the spotlight cast on open source software's ubiquity and security concerns. Discover the significant progress made by the OSS community in prioritizing security post-Log4j, despite limited resources and funding. Gain insights into the frustrations within the OSS community regarding perceptions of its security posture compared to proprietary software. Delve into the current state of OSS security, highlighting recent enhancements and discussing future steps needed to make open source secure by default. Recognize the unique benefits of open source and its potential to improve the security of society's critical infrastructure.