In this episode, Viktor Petersson sits down with Niklas Düster, co-lead of OWASP DependencyTrack and contributor to CycloneDX, to explore the realities of managing software bill of materials (SBOMs) at scale. Drawing on real-world experience, Niklas explains how DependencyTrack helps engineering teams analyze, monitor, and act on risks buried deep in their dependency trees.

The conversation covers how teams integrate SBOM workflows into CI/CD pipelines, why gating deployments on vulnerability scans can backfire, and how the platform's evolving architecture is built to handle massive, multi-project setups. Niklas also unpacks how VEX files fit into the equation, and why context-aware suppression logic is key to reducing alert fatigue without missing critical issues.

For anyone responsible for securing large-scale software systems, this episode provides a grounded look at how DependencyTrack works under the hood and what's ahead. It's a practical, engineering-focused conversation that highlights what it takes to operationalize SBOMs across modern infrastructure.

In this episode, Viktor Petersson sits down with Thorbjørn Rønje, founder of Bifrost Studios, to unpack the venture studio model and why he believes it’s a smarter, faster way to build startups.

Thorbjørn explains how Bifrost applies a playbook-driven approach to validate product ideas quickly, reduce risk, and bring businesses to life without wasting time or capital. He shares how they’ve used frameworks like Purple Ocean and Apollo to launch companies such as Scaleup Finance, and why separating the early build team from the long-term operators makes their model scalable.

They also explore how this model applies to acquiring legacy businesses, turning them around with tech and brand upgrades. If you're thinking about startups, product-market fit, or the future of micro private equity, this one is worth your time.

In this episode of Nerding Out with Viktor, Viktor Petersson sits down with Carl Richell, founder and CEO of System76, to unpack how a small Linux-focused hardware company grew into a full-stack open source innovator.

In this episode of Nerding Out with Viktor, host Viktor Petersson welcomes back Jon Seager, VP of Engineering at Canonical, for a candid conversation about managing remote teams.

In this episode of Nerding Out with Viktor, host Viktor Petersson sits down with Vlad Trifa, founder of Zimt and co-founder of EVRYTHNG, to explore why Web3, crypto, and blockchain often fail to deliver on their promises in the real world.

In this episode of Nerding Out with Viktor, host Viktor Petersson speaks with Joshua Watt of Garmin and Ross Burton of ARM to explore how the Yocto Project is evolving to meet the growing demands of software supply chain security, embedded Linux customization, and long-term product maintenance.

In this episode of Nerding Out with Viktor, host Viktor Petersson is joined by Kevin Henrikson, an experienced engineering leader who's worked with Zimbra, Microsoft, and Instacart, to share real startup founder lessons on how to scale engineering teams, build resilient systems, and manage growth through acquisitions.

In this episode of "Nerding Out with Viktor," host Viktor Petersson is joined by Vlad A Ionescu, founder and CEO of Earthly, to explore the realities of modern CI/CD pipelines, why developer experience remains fragmented, and how platform and security teams can work more effectively across organizations.

Vlad outlines the origins of Earthly and how their open-source build automation tool enables consistent CI/CD across teams. The conversation covers GitHub Actions, the challenge of running pipelines locally, and why container-based workflows offer practical improvements in debugging and collaboration.

The discussion moves to Earthly's second product, Lunar, which focuses on monitoring and enforcing engineering practices in the SDLC. Vlad explains how this enables organizations to apply policies like test coverage and vulnerability scanning, without relying solely on teams to adopt them individually.

Other key topics include plugin governance, differences in developer infrastructure at large companies versus smaller teams, and the complexity of managing shared CI/CD ownership. The conversation also touches on hybrid work challenges, remote team management, and strategies for building trust and documentation in distributed teams.

Toward the end, the episode explores the potential impact of AI in software development. Vlad shares why he sees AI as a tool for accelerating skilled engineers, rather than a full replacement, and highlights the risks of relying on machine-generated code without proper verification.

Whether you're working on developer tooling, building remote teams, or thinking about the role of AI in engineering workflows, this episode offers a grounded and technical perspective.

In this episode of "Nerding Out with Viktor," I'm joined by Johan Christenson, founder of Cleura, to dig into one of the most critical questions facing European tech today: how do we build a sovereign cloud that can actually compete?

Johan brings decades of experience in open infrastructure and a front-row seat to the evolution of cloud computing. We talk about why Europe still leans so heavily on U.S. cloud platforms, and the real-world risks that come with that dependency whether it's pricing, control, or strategic leverage.

We get into the friction points that keep Europe from moving faster: outdated procurement practices, broken incentive structures, and the lack of deep technical understanding inside policymaking circles. Johan also shares what it's been like building on OpenStack from the early days, and what Cleura has learned about scaling sovereign infrastructure in a space dominated by hyperscalers.

I really enjoyed diving into how cloud-native tools like Kubernetes can unlock more flexibility and how standardization could help level the playing field for smaller providers. We also touch on the limitations of regulation when enforcement is missing, and why alignment between government goals and operational behavior is long overdue.

Whether you're in cloud infrastructure, policy, or just curious about how Europe can chart its own course, this one's packed with insight.

In this episode of "Nerding Out with Viktor," Warren Houghton returns to pull back the curtain on the covert world of physical penetration testing. As a seasoned security expert from Pentest Partners, Warren shares his extensive experience in breaching physical security measures, offering listeners a rare glimpse into the methodologies and techniques used by professional security testers.

Viktor and Warren explore the fascinating realm of physical security assessments, from initial reconnaissance and planning to the execution of sophisticated social engineering tactics. Warren reveals how security professionals can clone access badges, bypass reception areas, and exploit human psychology to gain unauthorized access to secured facilities. Through compelling real-world examples, he demonstrates how even seemingly robust security systems can be compromised by determined adversaries who understand the vulnerabilities in both technology and human behavior.

The conversation delves into the critical importance of physical security in the overall security posture of organizations, particularly those with sensitive data centers or restricted areas. Warren provides valuable insights into common weaknesses in building security, explaining how organizations can identify and address these vulnerabilities before they're exploited by malicious actors. He also discusses the ethical considerations and legal frameworks that govern physical penetration testing, emphasizing the importance of proper authorization and scope definition.

Whether you're a security professional looking to enhance your organization's physical defenses, an IT manager concerned about holistic security approaches, or simply fascinated by the world of security testing, this episode offers invaluable knowledge about the realities of physical security in today's complex threat landscape. Join Viktor and Warren for this eye-opening discussion that will forever change how you view the security of physical spaces around you.