Sign up to save your podcasts
Or
Share The Risks of Decomposing Software Components
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Risks of Decomposing Software Components
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
View all episodes
By The New Stack
4.3
3131 ratings
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
More shows like The New Stack Podcast
View all
The New Stack Analysts
9 Listeners
The New Stack @ Scale
3 Listeners
The Changelog: Software Development, Open Source
289 Listeners
The a16z Show
1,089 Listeners
Software Engineering Daily
625 Listeners
Thoughtworks Technology Podcast
43 Listeners
The New Stack Context
4 Listeners
Y Combinator Startup Podcast
226 Listeners
Syntax - Tasty Web Development Treats
988 Listeners
CoRecursive: Coding Stories
190 Listeners
Practical AI
211 Listeners
AWS Podcast
203 Listeners
The Stack Overflow Podcast
63 Listeners
Dwarkesh Podcast
511 Listeners
Big Technology Podcast
494 Listeners
AI and I
33 Listeners
BG2Pod with Brad Gerstner and Bill Gurley
467 Listeners
AI + a16z
35 Listeners