What's in the SOSS? An OpenSSF Podcast
What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure.
Get a taste of all the ingredients that make up secure open source software (SOSS) and explore the latest trends at the intersection of AI and security, vulnerability management, and threat assessments.
Each episode of What's in the SOSS? is packed with valuable insight designed to foster collaboration and promote stronger security practices for the open source software community.
About Christopher Robinson (aka CRob), host
CRob is a 43rd level Dungeon Master and a 26th level Securityologist. He is a leader within several Open Source Security Foundation (OpenSSF) efforts and is a frequent speaker on cyber, application, and open source security. He enjoys hats, herding cats, and moonlit walks on the beach.
What's in the SOSS? An OpenSSF Podcast
Open Source Security: OSTIF's 10-Year Journey of Collaborative Audits
In this episode of "What's in the SOSS," Derek Zimmer and Amir Montezari from the Open Source Technology Improvement Fund (OSTIF) discuss their decade-long mission of providing security resources to open source projects. They focus on collaborative, maintainer-centric security audits that help projects improve their security posture through expert third-party reviews, without creating fear or overwhelming developers.
Episode Chapters:
- 00:00 Introduction
- 00:22 Podcast Welcome
- 01:04 OSTIF Founders Introduction
- 02:31 OSTIF's Mission and Approach
- 05:28 Relationship Management and Expertise
- 08:01 Evolution of Security Engagement Methods
- 12:15 Making Security Audits Less Intimidating
- 18:00 Rapid Fire Questions
- 20:45 Closing, Call to Action
Episode links: