Episode 286 - Open source supply chain with Google's Dan Lorenc
Open Source Security30 Aug 2021

Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new thing scan we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Show Notes

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(527)

XZ Bonus Spectacular Episode

XZ Bonus Spectacular Episode

Josh and Kurt talk about the recent events around XZ. It's only been a few days, and it's amazing what we already know. We explain a lot of the basics we currently know with the attitude much of these...

1 Apr 20241h 1min

Episode 422 - Do you have a security.txt file?

Episode 422 - Do you have a security.txt file?

Josh and Kurt talk about the security.txt file. It's not new, but it's not something we've discussed before. It's a great idea, an easy format, and well defined. It's not high on many of our todo list...

1 Apr 202430min

Episode 421 - CISA's new SSDF attestation form

Episode 421 - CISA's new SSDF attestation form

Josh and Kurt talk about the new SSDF attestation form from CISA. The current form isn't very complicated, and the SSDF has a lot of room for interpretation. But this is the start of something big. It...

25 Mar 202441min

Episode 420 - What's going on at NVD

Episode 420 - What's going on at NVD

Josh and Kurt talk about what's going on at the National Vulnerability Database. NVD suddenly stopped enriching vulnerabilities, and it's sent shock-waves through the vulnerability management space. W...

18 Mar 202439min

Episode 419 - Malicious GitHub repositories

Episode 419 - Malicious GitHub repositories

Josh and Kurt talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars and forks. This is really a discussion about how c...

11 Mar 202434min

Episode 418 - Being right all the time is hard

Episode 418 - Being right all the time is hard

Josh and Kurt talk about recent stories about data breaches, flipper zero banning, and realistic security. We have a lot of weird challenges in the world of security, but hard problems aren't impossib...

4 Mar 202430min

Episode 417 - Linux Kernel security with Greg K-H

Episode 417 - Linux Kernel security with Greg K-H

Josh and Kurt talk to GregKH about Linux Kernel security. We most focus on the topic of vulnerabilities in the Linux Kernel, and what being a CNA will mean for the future of Linux Kernel security vuln...

26 Feb 202442min

Episode 416 - Thomas Depierre on open source in Europe

Episode 416 - Thomas Depierre on open source in Europe

Josh and Kurt talk to Thomas Depierre about some of the European efforts to secure software. We touch on the CRA, MDA, FOSDEM, and more. As expected Thomas drops a huge amount of knowledge on what's h...

19 Feb 202442min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
rss-impressions-2
rss-heis
nasjonal-sikkerhetsmyndighet-nsm
rss-ai-forklart
shifter
fornybaren
elektropodden
smart-forklart
hans-petter-og-co
teknologi-og-mennesker
rss-alt-vi-kan
rss-grenser-for-ki
pedagogisk-intelligens
kortslutning
rss-kvantespranget