Sign up to save your podcasts
Or
Share The Risks of Decomposing Software Components
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Risks of Decomposing Software Components
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
View all episodes
By The New Stack
4.3
3131 ratings
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
More shows like The New Stack Podcast
View all
Software Engineering Radio - the podcast for professional software developers
272 Listeners
The Changelog: Software Development, Open Source
284 Listeners
The Cloudcast
152 Listeners
Thoughtworks Technology Podcast
40 Listeners
The New Stack Analysts
9 Listeners
Software Engineering Daily
621 Listeners
The New Stack @ Scale
3 Listeners
The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)
441 Listeners
The New Stack Context
4 Listeners
AWS Podcast
201 Listeners
Syntax - Tasty Web Development Treats
987 Listeners
CoRecursive: Coding Stories
189 Listeners
Kubernetes Podcast from Google
181 Listeners
Practical AI
192 Listeners
The Stack Overflow Podcast
62 Listeners
Oxide and Friends
47 Listeners
Latent Space: The AI Engineer Podcast
75 Listeners
The Pragmatic Engineer
53 Listeners