January 16, 2024

Open Source Puppies and Beer

Listen Later

40 minutes

Chris, Izar, and Matt address the complexities of open-source component usage, vulnerability patches, civic responsibility, and licensing issues in this Security Table roundtable. Sparked by a LinkedIn post from Bob Lord, Senior Technical Advisor at CISA, they discuss whether software companies have a civic duty to distribute fixes for vulnerabilities they discover in open-source components. They also examine if there is a need to threat model every third-party component and consider the implications of certain licenses for security patches. This is a discussion that needs to be had by anyone using open-source components in their code. Listen in and engage as we learn and think through this important issue together!

Links:

Bob Lord’s post about Open Source Responsibility:
https://www.linkedin.com/posts/lordbob_just-a-quick-thought-on-open-source-if-you-activity-7146137722095558657-z_RI

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

The Security Table

By Izar Tarandach, Matt Coles, and Chris Romeo

5

22 ratings

January 16, 2024

Open Source Puppies and Beer

Listen Later

40 minutes

Chris, Izar, and Matt address the complexities of open-source component usage, vulnerability patches, civic responsibility, and licensing issues in this Security Table roundtable. Sparked by a LinkedIn post from Bob Lord, Senior Technical Advisor at CISA, they discuss whether software companies have a civic duty to distribute fixes for vulnerabilities they discover in open-source components. They also examine if there is a need to threat model every third-party component and consider the implications of certain licenses for security patches. This is a discussion that needs to be had by anyone using open-source components in their code. Listen in and engage as we learn and think through this important issue together!

Links:

Bob Lord’s post about Open Source Responsibility:
https://www.linkedin.com/posts/lordbob_just-a-quick-thought-on-open-source-if-you-activity-7146137722095558657-z_RI

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

...more

More shows like The Security Table

Security Now (Audio) by TWiT

Security Now (Audio)

1,966 Listeners

Risky Business by Patrick Gray

Risky Business

361 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

629 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,011 Listeners

Unsupervised Learning by Daniel Miessler

Unsupervised Learning

135 Listeners

The Application Security Podcast by Chris Romeo and Robert Hurlbut

The Application Security Podcast

36 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

313 Listeners

The Azure Security Podcast by Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos

The Azure Security Podcast

23 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

119 Listeners

CISO Tradecraft® by CISO Tradecraft®

CISO Tradecraft®

48 Listeners

Security Cryptography Whatever by Deirdre Connolly, Thomas Ptacek, David Adrian

Security Cryptography Whatever

77 Listeners

CISSP Cyber Training Podcast - CISSP Training Program by Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur

CISSP Cyber Training Podcast - CISSP Training Program

26 Listeners

The Threat Modeling Podcast by Chris Romeo

The Threat Modeling Podcast

2 Listeners

Inside the Network by Inside the Network Pod

Inside the Network

14 Listeners