Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new things can we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Episodes (527)

Episode 326 - Big fat containers

Josh and Kurt talk about containers. There are a lot of opinions around what type of containers is best. Back when it all started there were only huge distro sized containers. Now we have a world with...

6 June 2022, 37 min

Episode 325 - Is one open source maintainer enough?

Josh and Kurt talk about a recent OpenSSF issue that asks the question how many open source maintainers should a project have that's "healthy"? Josh did some research that shows the overwhelming major...

30 May 2022, 35 min

Episode 324 - WTF is up with WFH

Josh and Kurt talk about the whole work from home debate. It seems like there are a lot of very silly excuses why working from home is bad. We've both been working from home for a long time and have a...

23 May 2022, 35 min

Episode 323 - The fake 7-Zip vulnerability and SBOM

Josh and Kurt talk about a fake 7-Zip security report. It's pretty clear that everyone is running open source all the time. We end on some thoughts around what SBOM is good for, and who should be resp...

16 May 2022, 38 min

Episode 322 - Adam Shostack on the security of Star Wars

Josh and Kurt talk to Adam Shostack about his new book "Threats: What Every Engineer Should Learn From Star Wars". We discuss some of the lessons and threats in the Star Wars universe, it's an old cod...

9 May 2022, 33 min

Episode 321 - Relativistic Security: Project Zero on 0day

Josh and Kurt talk about the Google Project Zero blog post about 0day vulnerabilities in 2021. There were a lot more than ever before, but why? Part of the challenge is the whole industry is expanding...

2 May 2022, 34 min

Episode 320 - Security Twitter is not the real world

Josh and Kurt talk about a survey about a TuxCare patch management and vulnerability detection. Sometimes our security bubble makes us forget what it's like in the real world for the people who keep o...

25 Apr 2022, 32 min

Episode 319 - Patch Tuesday with a capital T

Josh and Kurt talk about a lot of security vulnerabilities in this month's Patch Tuesday. There's also a new Git vulnerability. This sparks the age old question of how fast to patch? The answer isn't ...

18 Apr 2022, 30 min
