Sign up to save your podcasts
Or
Share S6E8: Erez Yalon - AppSec, Supply Chain and Security Research
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
S6E8: Erez Yalon - AppSec, Supply Chain and Security Research
- What are some of the most interesting developments in the world of software supply chain security (SSCS) in the last 12 months or so?
- It's now been a couple of years since the major fall out of notable incidents such as SolarWinds and Log4j, do you feel like the industry is making headway in addressing software supply chain threats?
- For organizations either just starting or looking to mature their software supply chain maturity, where are some key areas you recommend organizations focus their attention?
- We have a complex landscape from extensive use of open source, SaaS and Cloud providers, partners and third parties, how have you seen firms successfully handle this complexity when it comes to activities such as incident response?
- There's a bit of a heated debate in the industry underway on point products vs. platforms. I know Checkmarx has a comprehensive AppSec platform. How do you view this debate, and do you think we will always have and see the need for point products, best of breed and comprehensive platforms in the industry?
- You spend a fair bit of time focused on SSCS research, how does your team approach these activities and sharing the insights with the community?
- Checkmarx shares a tremendous amount of informative and insightful research around SSCS. Where can folks learn more and what are some of the interesting projects you all are currently working on?
View all episodes
By Chris Hughes
4.9
1616 ratings
- What are some of the most interesting developments in the world of software supply chain security (SSCS) in the last 12 months or so?
- It's now been a couple of years since the major fall out of notable incidents such as SolarWinds and Log4j, do you feel like the industry is making headway in addressing software supply chain threats?
- For organizations either just starting or looking to mature their software supply chain maturity, where are some key areas you recommend organizations focus their attention?
- We have a complex landscape from extensive use of open source, SaaS and Cloud providers, partners and third parties, how have you seen firms successfully handle this complexity when it comes to activities such as incident response?
- There's a bit of a heated debate in the industry underway on point products vs. platforms. I know Checkmarx has a comprehensive AppSec platform. How do you view this debate, and do you think we will always have and see the need for point products, best of breed and comprehensive platforms in the industry?
- You spend a fair bit of time focused on SSCS research, how does your team approach these activities and sharing the insights with the community?
- Checkmarx shares a tremendous amount of informative and insightful research around SSCS. Where can folks learn more and what are some of the interesting projects you all are currently working on?
More shows like Resilient Cyber
View all
Hacked
184 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
637 Listeners
CyberWire Daily
1,017 Listeners
The Application Security Podcast
36 Listeners
Darknet Diaries
7,999 Listeners
Cybersecurity Today
175 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cloud Security Podcast
57 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,829 Listeners
Cyber Security Headlines
134 Listeners
CISO Tradecraft®
48 Listeners
AI Security Podcast
4 Listeners