Displaying 3 items of Three Buddy Problem with the tag "open source software".
-
Abhishek Arya on Google's AI cybersecurity experiments
September 12th, 2023 | 33 mins 27 secs
google, open source software, openssf, oss-fuzz, supply chain
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Abhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB.
In this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.
-
Jason Chan on Microsoft's security problems, layoffs and startups
August 7th, 2023 | 27 mins 7 secs
ciso, entrepreneurship, generative ai, layoffs, microsoft, open source software, transparency, vc funding
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Bessemer Venture Partner's Jason Chan returns to the show for a frank discussion on the state of cyber, including thoughts on Microsoft's prominent security failures, the meaning of layoffs hitting security teams, the excitement around AI, and the long road ahead. The former Netflix security chief also talks about merging of the IT and security functions and the importance of cybersecurity proving its value to the business.
-
Chainguard's Dan Lorenc gets real on software supply chain problems
October 13th, 2022 | 47 mins 7 secs
entrepreneurship, open source software, supply chain security
- Episode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.
Dan Lorenc and team or ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation.