What's in the SOSS? An OpenSSF Podcast
What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure.
Get a taste of all the ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments.
Each episode of What's in the SOSS? is packed with valuable insight designed to foster collaboration and promote stronger security practices for the open source software community.
About Christopher Robinson (aka CRob), host
CRob is a 43rd level Dungeon Master and a 26th level Securityologist. He is a leader within several Open Source Security Foundation (OpenSSF) efforts and is a frequent speaker on cyber, application, and open source security. He enjoys hats, herding cats, and moonlit walks on the beach.
What's in the SOSS? An OpenSSF Podcast
Latest Episodes
Packaging, Transferring, and Deploying Software in Air-Gapped Environments with Zarf
Host Sally Cooper is joined by Brandt Keller, a staff software engineer at Defense Unicorns and maintainer of the OpenSSF sandbox project, Zarf. Brandt discusses Zarf's origins as a tool designed to reliably package, transfer, and deploy softwa...
Big Thoughts, Open Sources Inaugural Episode: Beyond the Hype: Brian Fox on Securing the Agentic Future of Open Source
In this inaugural episode of Big Thoughts and Open Sources, host Crob sits down with Brian Fox, Co-founder and CTO of Sonatype, to dissect the friction between rapid AI adoption and foundational software security. Brian shares insights from the...
From Noise to Signal: Security Expertise and Kusari Inspector with Mike Lieberman
In this episode, CRob talks with Mike Lieberman from Kusari about the current state of open source security. They discuss the growing burden on maintainers from the "deluge" of noisy, low-quality vulnerability reports, often generated by AI too...
Empowering New Maintainers: Inside the OpenSSF Mentorship Program
In this episode of What’s in the SOSS? host Sally Cooper sits down with Yesenia Yser, co-lead of the OpenSSF Mentorship Program and the BEAR Working Group, and Kairo De Araujo, Open Source Software Engineer and mentor for rstuf. They dive into ...
The Gemara Project: GRC Engineering Model for Automated Risk Assessment
Hannah Braswell and Jenn Power, security engineers from Red Hat and contributors to the OpenSSF, join host Sally Cooper to discuss the Gemara project. Gemara, an acronym for GRC Engineering Model for Automated Risk Assessment, is a seven-layer ...