Preview Mode Links will not work in preview mode

Open Source Security Podcast

Mar 18, 2024

Josh and Kurt talk about what's going on at the National Vulnerability Database. NVD suddenly stopped enriching vulnerabilities, and it's sent shock-waves through the vulnerability management space. While there are many unknowns right now, the one thing we can count on is things won't go back to the way they were.

Show...


Mar 11, 2024

Josh and Kurt talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars and forks. This is really a discussion about how can we try to find signal in all the noise of a massive ecosystem like GitHub.

Show Notes


Mar 4, 2024

Josh and Kurt talk about recent stories about data breaches, flipper zero banning, and realistic security. We have a lot of weird challenges in the world of security, but hard problems aren't impossible problems. Sometimes we forget that.

Show Notes


Feb 26, 2024

Josh and Kurt talk to GregKH about Linux Kernel security. We most focus on the topic of vulnerabilities in the Linux Kernel, and what being a CNA will mean for the future of Linux Kernel security vulnerabilities. The future of Linux Kernel security vulnerabilities is going to be very interesting.

Show Notes


Feb 19, 2024

Josh and Kurt talk to Thomas Depierre about some of the European efforts to secure software. We touch on the CRA, MDA, FOSDEM, and more. As expected Thomas drops a huge amount of knowledge on what's happening in open source. We close the show with a lot of ideas around how to move the needle for open source. It's not...