News
Episode 232: Log4j Won’t Go Away (And What To Do About It.)

In this episode of the podcast (#232), Tomislav Peričin of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why...

Read more
News
Spotlight: How Secrets Sprawl Undermines Software Supply Chain Security

Mackenzie Jackson, the Developer Advocate at GitGuardian joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains. The post Spotlight: How Secrets Sprawl Undermines Software Supply Chain...

Read more
News
Could Artificial Intelligence Save the Holiday Shopping Season?

As we all know supply chain disruptions over the past two years do not seem to be going away any time soon. However, businesses are turning to new artificial intelligence-powered (AI)...

Read more
News
Episode 227: What’s Fueling Cyber Attacks on Agriculture ?

In this episode of the podcast (#227) we speak with Allan Liska, the head of the CSIRT at the firm Recorded Future. about the spate of attacks in recent months targeting...

Read more
News
Episode 223: CISA Looks To Erase The Security Poverty Line

In this week’s episode of the podcast (#223), we are joined by Josh Corman and Lisa Young of the COVID task force at CISA to talk about the agency’s work to...

Read more
News
DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk

A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raise the specter of remote, software-based attacks that could cripple farms and...

Read more
News
Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security

In this episode of the podcast (#216) we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can...

Read more
News
What SolarWinds Tells Us About Securing the Software Development Supply Chain

The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing...

Read more
News
Want To Prevent Another SolarWinds? Start With Developers

An all-star roundtable of security experts tackles the question of how to prevent another SolarWinds. The post Want To Prevent Another SolarWinds? Start With Developers appeared first on The Security Ledger...

Read more
News
Episode 208: Getting Serious about Hardware Supply Chains with Goldman Sachs’ Michael Mattioli

In this week’s Security Ledger Podcast, sponsored by Trusted Computing Group, we’re talking about securing the hardware supply chain. We’re joined by Michael Mattioli, a Vice President at Goldman Sachs who...

Read more