Episode 203 - Humans, conferences, and security: let me think and get back to you in a bit
Open Source Security29 Kesä 2020

Episode 203 - Humans, conferences, and security: let me think and get back to you in a bit

Josh and Kurt talk about human behavior. The conversation makes its way to conferences and the perpetual question of if a conference is useful or not. We come to the agreement the big shows aren't what they used to be, but things like BSides are great experiences.

Show Notes

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(527)

Embedded Security with Paul Asadoorian

Embedded Security with Paul Asadoorian

Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the o...

5 Touko 202534min

tj-actions with Endor Lab's Dimitri Stiliadis

tj-actions with Endor Lab's Dimitri Stiliadis

Dimitri Stiliadis, CTO from Endor Labs, discusses the recent tj-actions/changed-files supply chain attack, where a compromised GitHub Action exposed CI/CD secrets. We explore the impressive multi-stag...

28 Huhti 202532min

Syft, Grype, and Grant with Alan Pope

Syft, Grype, and Grant with Alan Pope

I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and scan for vulnerabilities. Learn why generating and st...

21 Huhti 202531min

CVE for EOL with Aaron Frost

CVE for EOL with Aaron Frost

Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with k...

14 Huhti 202530min

cargo-semver-checks with Predrag Gruevski

cargo-semver-checks with Predrag Gruevski

Cargo Semver Checks is a Rust tool by Predrag Gruevski that is tackling the problem of broken dependencies that cost developers time when trying to upgrade dependencies. Predrag's work shows how autom...

7 Huhti 202533min

Distributed CI and Git with Lars Wirzenius

Distributed CI and Git with Lars Wirzenius

Lars Wirzenius discusses his innovative CI/CD system Ambient, which uses isolated virtual machines without network access to enhance security, and his work on Radicle, a peer-to-peer Git collaboration...

31 Maalis 202527min

FIDO authentication with William Brown

FIDO authentication with William Brown

William Brown tells us all about how confusing and complicated the FIDO authentication universe is. He talks about WebAuthn implementation challenges to flaws in the FIDO metadata service that affect ...

24 Maalis 202529min

CRA with Luis Villa

CRA with Luis Villa

In this episode, open source legal expert Luis Villa breaks down what the EU's Cyber Resilience Act means for developers and businesses, exploring carve-outs for individual contributors and the comple...

17 Maalis 202525min