• The Burden of Security in Software Maintenance

  • Jul 24 2024
  • Duración: 27 m
  • Podcast

The Burden of Security in Software Maintenance

Escúchala gratis

Ver detalles del espectáculo

  • Resumen

  • In this episode, John Kjell, Director of Open Source at TestifySec, discusses his involvement in various open source projects and the intricacies of maintaining such projects. John sheds light on his work with the CNCF and OpenSSF, and the impact of tools like Witness, Archivista, and SLSA. He outlines the challenges maintainers face, especially around security, and offers insights into balancing professional and personal responsibilities. John also explores the significance of community, inclusivity, and a secure developer identity in open source ecosystems.

    00:00 Introduction and Guest Background 01:20 Maintainer Burnout and Security Challenges 04:41 Balancing Multiple Projects and Personal Life 07:15 Security Risks in Smaller Projects 10:13 Developer Identity and Reputation 19:37 Open Source Origin Story and Community Involvement 24:11 Optimism for the Future of Open Source Security

    Resources:

    Enhancing Open Source Security: Introducing Siren by OpenSSF – Open Source Security Foundation

    Security at Every Step: Why Software Supply Chains Are Critical

    Guest: John Kjell is responsible for open source at TestifySec, a software supply chain security startup. He is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is an active contributor to CNCF's TAG Security and multiple projects within the OpenSSF. Before TestifySec, John was an engineering leader at VMware, helping to bring supply chain security features to the Tanzu Application Platform.
    Más Menos
Más Menos

Lo que los oyentes dicen sobre The Burden of Security in Software Maintenance

Calificaciones medias de los clientes

Reseñas - Selecciona las pestañas a continuación para cambiar el origen de las reseñas.

Reseñas de Audible.com

Opiniones de Amazon
No hay comentarios disponibles