Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Player FM - Internet Radio Done Right
Checked 9d ago
Tilføjet one år siden
Indhold leveret af OpenSSF. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af OpenSSF eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Minder om What's in the SOSS? An OpenSSF Podcast
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
Daily Deals
Podcasts der er værd at lytte til
SPONSORERET
O
On the Bus with Troy Vollhoffer
1 From Backroom Bars to Broadway with Dustin Lynch 36:27
36:27 
Afspil senere 
Afspil senere 
Lister 
Like 
Liked36:27
Afspil senere
Afspil senere
Lister
Like
LikedNot many artists actually hail from Tennessee, but the scenic valleys and rolling hills of The Volunteer State are part of Dustin Lynch’s DNA. In this episode of On the Bus, Country Thunder CEO Troy Vollhoffer sits down with Dustin to discuss his journey from playing fraternity parties and weddings across the southeast to being the first country artist with a club residency at the Wynn in Las Vegas. Plus, stick around for our new segment, Thunder Strike, where Troy features upcoming festival performer Riley Green’s hit song “Damn Good Day to Leave” to give you a taste of what’s to come at Country Thunder in 2025.…
A Man Called CRob: Introducing the Newest Co-host of What’s in the SOSS?
Manage episode 422997421 series 3564832
Indhold leveret af OpenSSF. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af OpenSSF eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. He also serves as the Open SSF’s Technical Advisory Committee (TAC) Chair. And soon, CRob will step into another role: co-host of What’s in the SOSS? With 25 years of enterprise-class engineering, architectural, operational and leadership experience, Chris has worked at several Fortune 500 companies with experience in the financial, medical, legal, and manufacturing verticals. He also spent six years helping lead the Red Hat Product Security team as their Program Architect.
- 00:57 - CRob’s day-to-day activities and his affiliation with the OpenSSF
- 03:15 - The insight CRob will bring to the podcast as co-host
- 05:46 - What developers writing “post-bang” code should be considering
- 08:40 - Lessons open source could learn from corporate and vice versa
- 12:17 - CRob explores the evolution of open source
- 14:22 - Crob answers Omkhar’s rapid fire questions
- 15:57 - CRob’s advice to people entering the cybersecurity field
- 18:18 - CRob’s call to action for listeners: give back
Episode links:
26 episoder
DelManage episode 422997421 series 3564832
Indhold leveret af OpenSSF. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af OpenSSF eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. He also serves as the Open SSF’s Technical Advisory Committee (TAC) Chair. And soon, CRob will step into another role: co-host of What’s in the SOSS? With 25 years of enterprise-class engineering, architectural, operational and leadership experience, Chris has worked at several Fortune 500 companies with experience in the financial, medical, legal, and manufacturing verticals. He also spent six years helping lead the Red Hat Product Security team as their Program Architect.
- 00:57 - CRob’s day-to-day activities and his affiliation with the OpenSSF
- 03:15 - The insight CRob will bring to the podcast as co-host
- 05:46 - What developers writing “post-bang” code should be considering
- 08:40 - Lessons open source could learn from corporate and vice versa
- 12:17 - CRob explores the evolution of open source
- 14:22 - Crob answers Omkhar’s rapid fire questions
- 15:57 - CRob’s advice to people entering the cybersecurity field
- 18:18 - CRob’s call to action for listeners: give back
Episode links:
26 episoder
Alle episoder
×
W
What's in the SOSS? An OpenSSF Podcast
1 Empowering Security: Yesenia Yser on Open Source, AI, and Personal Branding 17:18
17:18 Afspil senere Afspil senere Lister Like Liked17:18
Afspil senere Afspil senere Lister Like LikedIn this inspiring episode of "What's in the SOSS?", we welcome our new Co-Host, cybersecurity expert and open source advocate Yesenia Yser. Join hosts CRob and Yesenia as they delve into her compelling journey from discovering open source at Red Hat to pioneering AI security at Microsoft. Learn how Yesenia blends her passion for cybersecurity, Brazilian jiu-jitsu, and empowering communities—especially women—to shape her personal brand and advocacy efforts. Don't miss this lively conversation full of actionable insights for anyone interested in cybersecurity, open source communities, and personal growth. Episode Highlights: 00:18 – Introduction to Yesenia Yser 00:55 – Yesenia's open source origin story 03:30 – From cybersecurity professional to jiu-jitsu practitioner 05:56 – Building a personal brand in tech and beyond 09:04 – Advocating diversity in tech through the BEAR group 12:40 – Fun rapid-fire round (VI or Emacs, Coke or Pepsi, favorite open source mascot, spicy vs. mild food, and more) 13:52 – Yesenia joins as new co-host of "What's in the SOSS?" 15:39 – Advice for breaking into open source and cybersecurity Connect with Yesenia: Yesenia Yser on LinkedIn The Lioness Instincts Get Involved with the OpenSSF: Subscribe to the OpenSSF newsletter Join the OpenSSF an upcoming Community Day Watch BEAR Community Office Hours on YouTube…
W
What's in the SOSS? An OpenSSF Podcast
CRob is joined by Arun Gupta, Vice President and General Manager of Developer Programs at Intel and OpenSSF Governing Board Chair, and Zach Steindler, Principal Engineer at Github, a member of the OpenSSF TAC and co-chairs the OpenSSF Security Packages Repository Working Group to discuss the key lessons learned from open source security in 2024, the importance of the MVVSR (Mission, Vision, Values, Strategy, and Roadmap) framework, and the exciting initiatives planned for 2025. They highlight the growing reliance on open source, the challenges of dependency vulnerabilities, and the need for better security practices in the industry. Chapters: 03:29 Key Lessons from Open Source Security in 2024 08:29 MVSR: Mission, Vision, Strategy, and Roadmap 13:41 Importance of Strategy and Roadmap in OpenSSF 17:48 Roadmap Items for Community Collaboration 20:02 Key Resources and Courses for Developers 22:09 Exciting Opportunities Ahead for 2025 Episode links: Arun’s Linkedin Zach’s Linedkin 2024 Annual Report Get involved with the OpenSSF Subscribe to the OpenSSF newsletter Follow the OpenSSF on LinkedIn…
W
What's in the SOSS? An OpenSSF Podcast
1 Kusari’s Michael Lieberman Talks GUAC, SLSA and Securing the Open Source Supply Chain 21:06
21:06 Afspil senere Afspil senere Lister Like Liked21:06
Afspil senere Afspil senere Lister Like LikedCRob is joined by Michael Lieberman, CTO and co-founder of Kusari, about the importance of supply chain security in the open source ecosystem. They discuss Michael's journey in open source, his contributions to projects like SLSA and GUAC and the future of supply chain security. 01:56 - Michael explains how he got into open source 04:10 - The challenges of being a startup within the open source ecosystem 05:38 - Michael digs into his participation with SLSA and GUAC 09:13 - How maintainers can address SBOMs with GUAC 10:56 - Michael’s predictions for supply chain security and dependency management 14:26 - Michael answers CRob’s rapid-fire questions 15:32 - Advice for those entering the cybersecurity or open source development spaces 17:50 - Michael’s call to action Links: Michael Liberman on LinkedIn Kusari homepage GUAC homepage on OpenSSF SLSA homepage on OpenSSF Get involved with the OpenSSF Subscribe to the OpenSSF newsletter Follow the OpenSSF on LinkedIn…
W
What's in the SOSS? An OpenSSF Podcast
1 Sovereign Tech Agency’s Tara Tarakiyee and Funding Important Open Source Projects 16:47
16:47 Afspil senere Afspil senere Lister Like Liked16:47
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob talks to Tara Tarakiyee, FOSS technologist at the Sovereign Tech Agency, which supports the development, improvement and maintenance of open digital infrastructure. The Sovereign Tech Agency’s goal is to sustainably strengthen the open source ecosystem, focusing on security, resilience, technological diversity and the people behind the code. 01:42 - Why the Sovereign Tech Fund became the Sovereign Tech Agency 03:59 - The ways the Sovereign Tech Agency supports open source infrastructure initiatives 04:42 - The four criteria for Sovereign Tech Agency funding: prevalence, relevance, vulnerability and public interest 06:51 - Sovereign Tech Agency success stories 09:09 Plans for the Sovereign Tech Agency in 2025 11:54 – Tara answers CRob’s rapid-fire questions 13:54 - Advice to those entering open source development or security field 14:55 - Tara’s call to action for listeners Episode links: Tara Tarayikee on Linkedin Sovereign Tech Agency homepage Apply for Sovereign Tech Fund investment Get involved with the OpenSSF Subscribe to the OpenSSF newsletter Follow the OpenSSF on LinkedIn…
W
What's in the SOSS? An OpenSSF Podcast
1 Alpha-Omega’s Michael Winser and Catalyzing Sustainable Improvements in Open Source Security 27:15
27:15 Afspil senere Afspil senere Lister Like Liked27:15
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob talks to Michael Winser, Technical Strategist for Alpha-Omega, an associated project of the OpenSSF that with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code – and get them fixed – to improve global software supply chain security. 01:00 - Michael shares his origin story into open source 02:09 - How Alpha-Omega came to be 03:48 Alpha-Omega’s mission is catalyzing sustainable security improvements 05:16 - The four types of investments Alpha-Omega makes to catalyze change 11:33 - Michael expands on his “clean the beach” approach to impacting open source security 16:41 - The 3F framework helps manage upstream dependencies effectively 21:13 - Michael answers CRob’s rapid-fire questions 23:06 - Michael’s advice to aspiring development and cybersecurity professionals 24:44 - Michael’s call to action for listeners Links Michael Winser on LinkedIn Alpha-Omega homepage OpenSSF on LinkedIn Subscribe to the OpenSSF newsletter Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Jack Cable of CISA and Zach Steindler of GitHub Dig Into Package Repository Security 23:44
23:44 Afspil senere Afspil senere Lister Like Liked23:44
Afspil senere Afspil senere Lister Like LikedCRob discusses package repository security with two people who know a lot about the topic. Zach Steindler is a principal engineer at Github, a member of the OpenSSF TAC and co-chairs the OpenSSF Security Packages Repository Working Group. Jack Cable is a senior technical advisor at CISA. Earlier this year, Zach and Jack published a helpful guide of best practices called “Principles for Package Repository Security.” 00:48 - Jack and Zach share their backgrounds 02:59 - What package repositories are and why they’re important to open source users 04:17 - The positive impact package security has on downstream users 07:06 - Jack and Zach offer insight into the "Prinicples for Package Repository Security" document 11:18 - Future endeavors of the Securing Software Repositories Working Group 17:32 - Jack and Zach answer CRob’s rapid-fire questions 19:31 - Advice for those entering the industry 21:28 - Jack and Zach share their calls to action Episode links: Zach Steindler on LinkedIn Jack Cable on LinkedIn OpenSSF on LinkedIn Securing Package Repositories Working Group Principles for Package Repository Security document Subscribe to the OpenSSF newsletter Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Red Hat's Rodrigo Freire and the Impact of High-Profile Security Incidents 16:58
16:58 Afspil senere Afspil senere Lister Like Liked16:58
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob talks to Rodrigo Freire, Red Hat's chief architect. They discuss high-profile incidents and vulnerability management in the open source community. Rodrigo has a distinguished track record of success and experience in several industries, especially high-performance and mission-critical environments in financial services. 01:08 - Rodrigo shares his entry into open source 02:42 - Diving into the specifics of a high-profile incident 06:22 - How security researchers coordinate a response to a high-profile incident 10:33 - The benefits of a vulnerability disclosure program 11:57 - Rodgiro answers CRob's rapid-fire questions 13:43 - Advice for anyone getting into the industry 14:26 - Rodrigo's call to action for listeners 15:53 - The importance of the security community working together Episode links: Rodrigo Freire on LinkedIn Rodrigo's blog on Red Hat's response to the XZ incident discovery Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Canonical’s Stephanie Domas and Security Insight from a Self-Described “Tinkerer” 16:58
16:58 Afspil senere Afspil senere Lister Like Liked16:58
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob talks to Stephanie Domas, CISO at Canonical, the creators of the popular operating system Ubuntu. Having started her career with over 10 years of ethical hacking, reverse engineering and advanced vulnerability analysis, Stephanie has a deep knowledge and passion for the hacker mindset. 01:14: Stephanie shares how she got her start in security 05:41 Interesting things Stephanie has discovered since becoming more directly involved with open source 08:20 The challenge of instilling trust into those who consume open source 12:42 Stephanie answers CRob’s rapid-fire questions 14:07 Stephanie’s advice to those getting into cybersecurity 15:43 Stephanie’s call to action for listeners Episode links: Stephanie Domas on LinkedIn Canonical homepage White House’s M-22-18 memorandum CISA RSAA Secure Software Development Attestation Form NIST Secure Software Development Framework (SSDF) SP 800-218 Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Intel’s Katherine Druckman and the Impact of Developer Relations 14:23
14:23 Afspil senere Afspil senere Lister Like Liked14:23
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob discusses the finer points of developer relations (DevRel) with Katherine Druckman, Open Source Evangelist at Intel and co-chair of the OpenSSF Marketing Advisory Council and DevRel Community. Katherine enjoys sharing her passion for a variety of open source topics and is a long-time open source advocate, developer and podcaster. She’s currently the host of Open at Intel and co-host of the FLOSS Weekly and Reality 2.0 podcasts. She spent over a decade at Linux Journal. A passionate Drupalist since she first downloaded a tarball in 2005, she has also been a Drupal contributor and engineer. Additionally, Katherine will be a featured speaker at SOSS Fusion/24 in Atlanta on Oct. 22-23. SOSS Fusion/24 is a collaborative and forward-thinking initiative dedicated to securing open source software. This event will bring together a diverse community of professionals from the public sector, software developers, security engineers to cybersecurity experts, CISOs, CIOs, Founders and tech pioneers. Katherine will be an active participant at SOSS Fusion/24 and will share her insight at the following presentations: Roundtable: Building Developer Confidence in Software Security with the DevRel Community, with Lori Lorusso, Percona; Tabatha DiDomenico, G-Research. Oct 22, 11:30 a.m. Keynote: Fireside Chat with Window Snyder, Founder & CEO, Thistle Technologies, Oct. 23, 9:30 a.m. Keynote: Back to Security Basics: Evaluating, Consuming, and Contributing Open Source Software, Oct. 23, 9:55 a.m. Check out the full schedule for SOSS Fusion/24. 01:42 - Katherine shares her non-traditional journey into open source 03:30 - DevRel’s definition varies, depending on the organization 06:11 - Tips for making connections with developers 08:23 - How DevRel professionals can help integrate security practices and tooling into everyday maintainer activities 09:38 - Katherine answers CRob’s rapid-fire questions 11:05 - Katherine’s belief that all knowledge can be relevant — even if it’s outside of your field 12:23 - Developers and security folks should be working together Episode links: Katherine Druckman on LinkedIn OpenSSF DevRel Community Open at Intel podcast SOSS Fusion/24 Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Dell's Sarah Evans and Lisa Bradley and Ensuring Secure Open Source Software at the Enterprise Level 16:24
16:24 Afspil senere Afspil senere Lister Like Liked16:24
Afspil senere Afspil senere Lister Like LikedIn this episode, CRob sits down with Sarah Evans, security research technologist at Dell and Lisa Bradley, senior director of product and application security at Dell. They dig into the challenges of implementing secure open software at a complex enterprise. Sarah sits on the OpenSSF Technical Advisory Council and at Dell’s she has been instrumental in cybersecurity innovation, conducting research within the global CTO R&D organization. Her career spans pivotal roles, including being an enterprise security architect and engaging in Identity and Access Management and IT at prestigious organizations like Wells Fargo and the U.S. Air Force. Dr. Lisa Bradley is a distinguished cybersecurity expert and visionary leader. She has earned her reputation as a trailblazer in the field of security and vulnerability management. In her current role, she oversees Dell's Product Security Incident Response Team (PSIRT), Bug Bounty Program, SBOM initiative, Dependency Management, and Security Champion and Training Programs. 02:38 How Dell is managing its ingestion and productization of open source software 04:54 The complex task of managing open source software for a company the size of Dell 06:34 The importance of executive support when implementing security initiatives 10:40 Lisa and Sarah answer CRob’s rapid-fire questions 12:40 Lisa and Sarah’s advice to aspiring developers and security professionals 14:12 Lisa and Sarah’s call to action Episode links: Lisa Bradley on LinkedIn Sarah Evans on LinkedIn Get involved in the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
In this episode, CRob chats with Omkhar Arasaratnam, who has served as the general manager of the OpenSSF and was co-host of What’s in the SOSS? As Omkhar moves on to the next chapter of his occupational journey, he reflects on his tenure with the OpenSSF, shares his open source origin story and highlights the achievements of the OpenSSF and the tactics he used to engage different stakeholders. Omkhar shares his open source origin story 02:14 - Things Omkhar is proud of during his tenure at the OpenSSF 04:36 - The challenge of keeping myriad stakeholders engaged 07:12 - Areas of open source supply chains that public policymakers and regulators should better understand 09:44 - Some challenges ahead for the open source ecosystem 14:58 - Omkhar answers CRob’s rapid-fire questions 17:57 - Omkhar’s advice for people entering the open source community Links Omkhar Arasaratnam on LinkedIn Get involved with OpenSSF…
W
What's in the SOSS? An OpenSSF Podcast
1 CoSAI, OpenSSF and the Interesting Intersection of Secure AI and Open Source 22:47
22:47 Afspil senere Afspil senere Lister Like Liked22:47
Afspil senere Afspil senere Lister Like LikedOmkhar is joined by Dave LaBianca, security engineering director at Google, Mihai Maruseac, member of the Google Open Source Security Team, and Jay White, security principal program manager at Microsoft. David and Jay are on the Project Governing Board for the Coalition for Secure AI (CoSAI), an alliance of industry leaders, researchers and developers dedicated to enhancing the security of AI implementations. Additionally, Jay — along with Mihai — are leads on the OpenSSF AI/ML Security Working Group. In this conversation, they dig into CoSAI’s goals and the potential partnership with the OpenSSF. 00:57 - Guest introductions 01:56 - Dave and Jay offer insight into why CoSAI was necessary 05:16 - Jay and Mihai explain the complementary nature of OpenSSF's AI/ML Security Working Group and CoSAI 07:21 - Mihai digs into the importance of proving model provenance 08:50 - Dave shares his thoughts on future CoSAI/OpenSSF collaborations 11:13 - Jay, Dave and Mihai answer Omkhar’s rapid-fire questions 14:12 - The guests offer their advice to those entering the field today and their call to action for listeners Links David LaBianca on LinkedIn Mihai Maruseac on LinkedIn Jay White on LinkedIn CoSAI homepage OpenSSF AI/ML Security Working Group homepage Get involved with OpenSSF…
W
What's in the SOSS? An OpenSSF Podcast
1 GitHub’s Mike Hanley and Transforming the “Dept. of No” Into the "Dept. of Yes, And…” 22:43
22:43 Afspil senere Afspil senere Lister Like Liked22:43
Afspil senere Afspil senere Lister Like LikedIn this episode, Omkhar chats with Mike Hanley, Chief Security Officer and SVP of Engineering at GitHub. Prior to GitHub, Mike was the Vice President of Security at Duo Security, where he built and led the security research, development, and operations functions. After Duo’s acquisition by Cisco for $2.35 billion in 2018, Mike led the transformation of Cisco’s cloud security framework and later served as CISO for the company. Mike also spent several years at CERT/CC as a Senior Member of the Technical Staff and security researcher focused on applied R&D programs for the US Department of Defense and the Intelligence Community. When he’s not talking about security at GitHub, Mike can be found enjoying Ann Arbor, MI with his wife and nine kids. 01:21 Mike shares insight into transporting a family of 11 02:02 Mike’s day-to-day at GitHub 03:53 Advice on communicating supply chain risk 08:19 Transforming the “Department of No” into the “Department of Yes And…” 12:44 AI’s potential impact on secure open source software and, specifically, on software supply chains 18:02 Mike answers Omkhar’s rapid-fire questions 19:26 Advice Mike would give to aspiring security or software professionals 20:38 Mike’s call to action for listeners Links Mike Hanley on LinkedIn DARPA AI Cyber Challenge Get involved with the OpenSSF…
W
What's in the SOSS? An OpenSSF Podcast
1 CISA's Aeva Black and the Public Sector View of Open Source Security 12:13
12:13 Afspil senere Afspil senere Lister Like Liked12:13
Afspil senere Afspil senere Lister Like LikedIn this episode, Omkhar Arasaratnam visits with Aeva Black, who currently serves as the Section Chief for Open Source Security at CISA, and is an open source hacker and international public speaker with 25 years of experience building open source software projects at large technology companies. She previously led open source security strategy within the Microsoft Azure Office of the CTO, and served on the OpenSSF Technical Advisory Committee, the OpenStack Technical Committee, and the Kubernetes Code of Conduct Committee. In her spare time, Aeva enjoys riding motorcycles up and down the west coast. 01:37- Aeva describes a day in the life at CISA 02:38 - Details on the use of open source in the public sector 04:27 - Why open source needs corporate investment to maintain security 06:20 - Aeva shares what their second year at CISA looks like 07:58 - Aeva answers Omkhar’s rapid-fire questions 09:28 - Advice for people entering the world of security 10:16 - Certs are nice to have, but they aren’t everything 10:42 - Aeva’s call to action for listeners Episode links: Aeva Black on LinkedIn CISA Open Source Security Roadmap Get involved with the OpenSSF community…
W
What's in the SOSS? An OpenSSF Podcast
1 Google’s Andrew Pollock and Addressing Open Source Vulnerabilities 12:16
12:16 Afspil senere Afspil senere Lister Like Liked12:16
Afspil senere Afspil senere Lister Like LikedEpisode description: Andrew Pollock is a Senior Software Engineer at Google, currently working on https://osv.dev. With a background as an Enterprise Security Engineer, he has extensive experience in large-scale Linux Systems Administration and GCP Security. Andrew is passionate about the human factors in security, focusing on scalable solutions, great user experiences and self-service opportunities. He has primarily worked in Linux/Unix environments as a Site Reliability Engineer or Security Engineer, with a strong interest in process improvement and automation. 00:52 - Andrew shares his background as a “mid-90s data nerd” 02:31 - Managing vulnerabilities in the open source ecosystem 03:57 - How to navigate inconsistent metadata 06:26 - The challenge of source attribution 07:54 - The rapid-fire round 09:15 - Andrew’s advice to open source developers 10:22 - Andrew’s call to action to developers Episode links: Andrew Pollock on LinkedIn Getting to know the Open Source Vulnerability format OSV.dev Get involved in the OpenSSF community…
Velkommen til Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Minder om What's in the SOSS? An OpenSSF Podcast
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
