Kubernetes Podcast from Google

Software Supply Chain Security, with Priya Wadhwa


Listen Later

The idea of software supply chain security rocketed into the public consciousness in the last year, with the news that US government agencies had been breached. Priya Wadhwa is a software engineer at Google working on open source security, including projects to secure and verify container deployments. She outlines what is being done to make sure this doesn't happen to you.

Do you have something cool to share? Some questions? Let us know:

Chatter of the week
  • Virgin Galactic launch
    • NBC News
    • BBC News
  • Blue Origin launch
    • NBC News
    • BBC News
  • Rocket scene from Austin Powers: The Spy Who Shagged Me
    • The memes
News of the week
  • Google Cloud Container Security webinar
  • Register for Google Cloud Next 2021
  • Google Cloud IDS
  • Windows Server support for Anthos on-prem
  • Multi-Cluster Ingress for GKE
  • CVE-2021-22555: Kernel code execution through Netfilter bug
  • CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding
  • CVE-2021-32690: Helm repository credentials passed to alternate domain
  • Attacks on Argo Workflows discovered by Intezer
  • Sysdig acquires Apolicy; Apolicy acquired by Sysdig
  • CockroachDB Operator for Kubernetes
  • Automatic remediation of Kubernetes nodes at Cloudflare
    • Sciuro
    • Kured
  • CNCF App Delivery TAG publishes operator whitepaper
Links from the interview
  • Software supply chain
    • Know, Prevent, Fix
  • Reproducible builds
    • Debian Project
  • SolarWinds hack
  • US Executive Order on Improving the Nation's Cybersecurity
  • Binary Authorization
  • Provenance, in art and software
  • in-toto
    • "Farm to table"
  • sigstore
    • Announcement blog
    • cosign
      • Announcement blog
      • Dan Lorenc's blog
    • Connaisseur
    • Rekor
    • Fulcio
    • Key signing ceremony:
      • Dan Lorenc on Episode 152
      • Announcement blog
      • Video
  • Tekton
  • Tekton Chains
    • Announcement blog, by Priya & Dan
  • SBOM (Software Bill of Materials)
  • Open Source Insights
    • Announcement blog
    • Nine Inch Nails' Year Zero ARG
    • Scorecards
      • Announcement blog
      • v2 blog
  • SLSA
    • Announcement blog
    • GitHub
  • SupplyChainSecurityCon
  • sigstore Slack channel
  • Priya Wadhwa on Twitter
...more
View all episodesView all episodes
Download on the App Store

Kubernetes Podcast from GoogleBy Abdel Sghiouar, Kaslin Fields

  • 4.8
  • 4.8
  • 4.8
  • 4.8
  • 4.8

4.8

179 ratings


More shows like Kubernetes Podcast from Google

View all
Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

Software Engineering Radio - the podcast for professional software developers

275 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

289 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,009 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

626 Listeners

Risky Business by Risky Business Media

Risky Business

375 Listeners

The Enterprise AI Show by Massive Studios

The Enterprise AI Show

149 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

583 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

145 Listeners

NVIDIA AI Podcast by NVIDIA

NVIDIA AI Podcast

345 Listeners

Inside the Strategy Room by McKinsey & Company

Inside the Strategy Room

170 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

203 Listeners

Last Week in AI by Skynet Today

Last Week in AI

314 Listeners

Big Technology Podcast by Alex Kantrowitz

Big Technology Podcast

508 Listeners

KubeFM by KubeFM

KubeFM

2 Listeners

The Pragmatic Engineer by Gergely Orosz

The Pragmatic Engineer

74 Listeners