Podcast Episodes
Back to Search
Syft, Grype, and Grant with Alan Pope
I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and sc…
1 year, 2 months ago
CVE for EOL with Aaron Frost
Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates …
1 year, 2 months ago
cargo-semver-checks with Predrag Gruevski
Cargo Semver Checks is a Rust tool by Predrag Gruevski that is tackling the problem of broken dependencies that cost developers time when trying to u…
1 year, 3 months ago
Distributed CI and Git with Lars Wirzenius
Lars Wirzenius discusses his innovative CI/CD system Ambient, which uses isolated virtual machines without network access to enhance security, and hi…
1 year, 3 months ago
FIDO authentication with William Brown
William Brown tells us all about how confusing and complicated the FIDO authentication universe is. He talks about WebAuthn implementation challenges…
1 year, 3 months ago
CRA with Luis Villa
In this episode, open source legal expert Luis Villa breaks down what the EU's Cyber Resilience Act means for developers and businesses, exploring ca…
1 year, 3 months ago
Open Source Malware with Brian Fox
Brian Fox discusses findings from a recent Sonatype report about the growing challenge of malicious packages in open source repositories. At the time…
1 year, 4 months ago
Open Source Foundations with Kelley Misata of Suricata
In this episode Open Source Security talks to Dr. Kelly Masada about the Open Information Security Foundation (OISF). The way OISF is managing Sur…
1 year, 4 months ago
Forking Open Source Projects with Sheogorath
In this episode Open Source Security chats with Sheogorath about HedgeDoc project's journey from HackMD to CodiMD and finally to HedgeDoc. We learn w…
1 year, 4 months ago
Patching EOL Open Source with Aaron Frost
In this episode, Open Source Security chats with Aaron Frost, CEO of Hero Devs about the world of maintaining end-of-life open source software. Aaron…
1 year, 4 months ago