Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new things can we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Show Notes

This episode is sourced from an open RSS feed and is not published by Podme. It may therefore contain advertisements.

Episodes (527)

Episode 270 - Hello dark patterns my old friend

Josh and Kurt talk about dark patterns. A dark pattern is when a service tries to confuse a user into doing something they don't want to, like unknowingly purchasing a monthly subscription to somethin...

10 May 2021, 32 min

Episode 269 - Do not experiment on the Linux Kernel

Josh and Kurt talk about the University of Minnesota experimenting on the Linux Kernel. There's a lot to unpack in this one, but the TL;DR is you probably don't want to experiment on the kernel. Show ...

3 May 2021, 29 min

Episode 268 - Can we trust any 3rd parties?

Josh and Kurt talk about what 3rd party means in the current world. From 5G suppliers, to the Codecov and Solarwinds breaches. Is there anyone we can trust? Show Notes Europe and 5G Codecov Codecov R...

26 Apr 2021, 30 min

Episode 267 - Does 0day still mean 0day?

Josh and Kurt talk about 0day security vulnerabilities. What are they? What were they? And why the name has taken on a new meaning, and that's OK. Show Notes Hacker History Podcast Chrome 0day NTFS ...

19 Apr 2021, 28 min

Episode 266 - The future of security scanning with Debricked

Josh and Kurt talk to Emil Wåreus from Debricked about the future of security scanners. Debricked is doing some incredibly cool things to avoid relying on humans for vulnerability identification and c...

12 Apr 2021, 28 min

Episode 265 - The lies closed source can tell, open source can't

Josh and Kurt talk about the PHP backdoor and the Ubiquiti whistleblower. The key takeaway is to note how an open source project cannot cover up an incident, but closed source can and will cover up da...

5 Apr 2021, 31 min

Episode 264 - DevSecOps with GitLab's Mark Loveless

Josh and Kurt talk to Mark Loveless from GitLab. We touch on DevSecOps, what GitLab is doing, threat modeling, and the time Mark tested positive for TNT at the airport. It's a great conversation. Show...

29 Mar 2021, 33 min

Episode 263 - GitHub pulls exploits, LinuxFoundation sign all the things

Josh and Kurt talk about how terrible daylight savings is, GitHub yanking some exploit code, and the Linux Foundation's new project to sign all the things. Show Notes Researcher Publishes Code to Explo...

22 Mar 2021, 32 min
