Episode 232: Log4j Won’t Go Away (And What To Do About It.)
In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why...
Spotlight: How Secrets Sprawl Undermines Software Supply Chain Security
Mackenzie Jackson, the Developer Advocate at GitGuardian, joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains.
Episode 229: BugCrowd’s Casey Ellis On What’s Hot In Bug Hunting
We talk with Casey Ellis, founder and CTO of BugCrowd, about how the market for software bugs has changed since the first bug bounty programs emerged nearly 20 years ago, and...
Spotlight: Automation Beckons as DevOps, IoT Drive PKI Explosion
Brian Trzupek of DigiCert joins Paul to talk about the findings of a recent State of PKI Automation survey and the challenges of managing a fast-growing population of tens of thousands of...
DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk
A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raises the specter of remote, software-based attacks that could cripple farms and...