Sign up to save your podcasts
Or
Share The Risks of Decomposing Software Components
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Risks of Decomposing Software Components
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
View all episodes
By The New Stack
4.3
3131 ratings
The Linux Foundation's Open Source Security Foundation (OSSF) is addressing the challenge of timely software component updates to prevent security vulnerabilities like Log4J. In an interview with Alex Williams of The New Stack at the Open Source Summit in Vancouver, Omkhar Arasaratnam, the new general manager of OSSF, and Brian Behlendorf, CTO of OSSF, discuss the importance of making software secure from the start and the need for rapid response when vulnerabilities occur.
In this conversation, they highlight the significance of Software Bill of Materials (SBOMs), which provide a complete list of software components and supply chain relationships. SBOMs offer data that can aid decision-making and enable reputation tracking of repositories. The interview also touches on the issues with package managers and the quantification of software vulnerability risks. Overall, the goal is to improve the efficiency and effectiveness of software component updates and leverage data to enhance security in enterprise and production environments.
Learn more from The New Stack:
Creating a 'Minimum Elements' SBOM Document in 5 Minutes
Enhance Your SBOM Success with SLSA
More shows like The New Stack Podcast
View all
Hanselminutes with Scott Hanselman
377 Listeners
Software Engineering Radio - the podcast for professional software developers
265 Listeners
The Changelog: Software Development, Open Source
285 Listeners
The Cloudcast
153 Listeners
Thoughtworks Technology Podcast
40 Listeners
The New Stack Analysts
9 Listeners
Talk Python To Me
586 Listeners
Software Engineering Daily
629 Listeners
The New Stack @ Scale
3 Listeners
The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)
436 Listeners
The New Stack Context
4 Listeners
AWS Podcast
200 Listeners
Kubernetes Podcast from Google
180 Listeners
Practical AI
189 Listeners
The Stack Overflow Podcast
63 Listeners
Oxide and Friends
47 Listeners
Latent Space: The AI Engineer Podcast
63 Listeners
The Pragmatic Engineer
52 Listeners