Podcast Episodes
Back to Search
Using Mercator to map assets with Didier Barzin
In this episode, we the information system mapping tool Mercator with Didier Barzin, a CISO at a hospital in Luxembourg. Discover how Mercator revolutionizes the way organizations map their complex i…
Published on 21 hours ago
Talos Linux security with Andrey Smirnov
In this episode, I discuss into the security features of Talos Linux with Andrey Smirnov. Andrey explains how Talos focuses on its immutability and minimal attack surface. Discover how these enhancem…
Published on 1 week ago
Discussing the Open Source, Open Threats? paper with Behzad and Ali
In this episode I chat with the authors of a recent paper on open source security: Open Source, Open Threats? Investigating Security Challenges in Open-Source Software. I chat with Ali Akhavani and B…
Published on 2 weeks ago
crates.io trusted publishing with Tobias Bieniek
In this episode we discuss crates.io trusted publishing with Tobias Bieniek. We cover the steps crates.io is taking to enhance supply chain security through trusted publishing, a method that leverage…
Published on 3 weeks ago
CVE update with Patrick Garrity
In this episode I chat with Patrick Garrity from VulnCheck. We discuss the chaos that has enveloped the CVE and NVD programs over the past two years. We cover some of the transparency and communicati…
Published on 4 weeks ago
GCVE with Cédric Bonhomme and Alexandre Dulaunoy
In this episode I discuss GCVE and Vulnerability-Lookup with Alex and Cedric from CIRCL. GCVE offers a decentralized approach, allowing organizations to assign their own IDs and publish vulnerabiliti…
Published on 1 month ago
EU Regulations will change everything with Daniel Thompson
In this episode, we dive into the Product Liability Directive and Cyber Resilience Act with Daniel Thompson, CEO of Crab Nebula. The EU's new legislative framework impacts manufacturers in ways we do…
Published on 1 month, 1 week ago
Open source microprocessors with Jan Pleskac
In this episode Jan Pleskac, CEO and co-founder of Tropic Square, shares insights on the challenges and innovations in creating open and auditable hardware. While most hardware is very closed, Tropic…
Published on 1 month, 2 weeks ago
Package URLs with Philippe Ombredanne
I'm joined by Philippe Ombredanne, creator of the Package URL (PURL), to discuss the surprisingly complex and messy problem of simply identifying open source software packages. We dive into how PURLs…
Published on 2 months, 2 weeks ago
Hobbyist Maintainers with Thomas DePierre
Thomas DePierre joins Open Source Security to discuss the central idea from his blog post, "You are all on the hobbyist maintainers turf now," exploring the massive disconnect between the corporate w…
Published on 2 months, 3 weeks ago