Episode 206 - Confidential Virtual Machines; The future of cloud computing
Josh and Kurt talk about Google's new confidential VMs. The AMD Secure Encrypted Virtualization is the technology that makes it all possible. What is SEV, how does it work, and why should you care? Th...
20 Jul 202031min
Episode 205 - The State of Open Source Security with Alyssa Miller from Snyk
Josh and Kurt talk to Alyssa Miller from Snyk about the State of Open Source Security 2020 report. Alyssa was the report author and has some great insight into the current trends we're seeing in open ...
13 Jul 202031min
Episode 204 - What Would Apple Do?
Josh and Kurt talk about some recent security actions Apple has taken. Not all are good, but in general Apple is doing things to benefit their customers (their customers are not advertisers). We also ...
6 Jul 202032min
Episode 202 - The convergence of application security
Josh and Kurt talk about the security of applications. We talk about the security of infrastructure all the time, but what happens when we combine infrastructure into an application or solution? Sho...
22 Jun 202029min
Episode 201 - We broke CVSSv3, now how do we fix it?
Josh and Kurt talk about CVSSv3 and how it's broken. We started with a blog post to explain why the NVD CVSS scores are so wrong, and we ended up researching CVSSv3 and found out it's far more broken ...
15 Jun 202031min
Episode 200 - Talking Container Security with Liz Rice
Josh and Kurt talk to Liz Rice from Aqua Security about container security and her new book on the same topic. What does container security look like today? What are some things you can do now? What w...
8 Jun 202028min
Episode 199 - Special cases are special: DNS, Websockets, and CSV
Josh and Kurt talk about a grab bag of topics. A DNS security flaw, port scanning your machine from a web browser, and CSV files running arbitrary code. All of these things end up being the result of ...
1 Jun 202029min
