Open Source Security

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform to educate both developers and users on how open source security works. There's a lot of good work happening that doesn't get attention because there's no marketing department behind it and no developer relations team posting on LinkedIn every two hours. Let's focus on those people and teams, then learn what they do and how they do it. The goal is to hear from the people doing the work: they know what's up, and they have a lot to teach us. We just have to listen.

Episodes (527)

Episode 366 - Software liability is coming

Josh and Kurt talk about the number of dependencies that is now normal. Keeping track of thousands of dependencies used to be impressive, now it's normal. In what instances should we know everything a...

13 March 2023, 34 min

Episode 365 - "I am not your supplier" with Thomas Depierre

Josh and Kurt talk to Thomas Depierre about his "I am not a supplier" blog post. We drink from the firehose on this one. Thomas describes the realities and challenges of being an open source maintaine...

6 March 2023, 52 min

Episode 364 - Using SBOMs is hard

Josh and Kurt talk about SBOMs. Quite a bit has happened in the world of SBOMs in the last year or so. There are going to be different types of SBOMs, like build, source, or runtime. Each will tell us...

27 February 2023, 36 min

Episode 363 - Joylynn Kirui from Microsoft on DevSecOps

Josh and Kurt talk to Joylynn Kirui about DevSecOps in the Microsoft universe. Joylynn gives us an overview of the current state of devops and tells us about some of the tools Microsoft has made avail...

20 February 2023, 31 min

Episode 362 - A lesson in Rust from Carol Nichols

Josh and Kurt talk to Carol Nichols about Rust. Carol is an authority on Rust and helps us understand how Rust works, why it's different. Why Rust doesn't have the same problems C and C++ have, and wh...

13 February 2023, 41 min

Episode 361 - GitHub got pwnt, but it wasn't very exciting

Josh and Kurt talk about the recent GitHub breach. It wasn't terribly exciting, but there are some interesting conversations to have around securing certificates, source code, and hardware security mo...

6 February 2023, 33 min

Episode 360 - Memory safety and the NSA

Josh and Kurt talk about the NSA guidance on using memory safety issues. The TL;DR is to stop using C. We discuss why C has so many problems, why we can't fix C, and what some alternatives look like. ...

30 January 2023, 34 min

Episode 359 - The NOTAM outage and other legacy technology

Josh and Kurt talk about the recent FAA NOTAM outage. Keeping legacy things running for long periods of time is really hard to do, and this system is no different. It's also really hard to upgrade many of...

23 January 2023, 34 min