
What's in the SOSS? An OpenSSF Podcast
What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure.
Get a taste of all the ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments.
Each episode of What's in the SOSS? is packed with valuable insight designed to foster collaboration and promote stronger security practices for the open source software community.
About Christopher Robinson (aka CRob), host
CRob is a 43rd level Dungeon Master and a 26th level Securityologist. He is a leader within several Open Source Security Foundation (OpenSSF) efforts and is a frequent speaker on cyber, application, and open source security. He enjoys hats, herding cats, and moonlit walks on the beach.
Kusari’s Michael Lieberman Talks GUAC, SLSA and Securing the Open Source Supply Chain
CRob is joined by Michael Lieberman, CTO and co-founder of Kusari, to talk about the importance of supply chain security in the open source ecosystem. They discuss Michael's journey in open source, his contributions to projects like SLSA and GUAC, and the future of supply chain security.
- 01:56 - Michael explains how he got into open source
- 04:10 - The challenges of being a startup within the open source ecosystem
- 05:38 - Michael digs into his participation with SLSA and GUAC
- 09:13 - How maintainers can address SBOMs with GUAC
- 10:56 - Michael’s predictions for supply chain security and dependency management
- 14:26 - Michael answers CRob’s rapid-fire questions
- 15:32 - Advice for those entering the cybersecurity or open source development spaces
- 17:50 - Michael’s call to action