Guy Podjarny on OSS Security, Serverless, and the Equifax Hack
Published October 30, 2017
46 min
    Show notes
In this podcast, Wes talks to Guy Podjarny (Founder/CEO of Snyk). The two discuss the space between open source software and third-party dependencies, including the Equifax hack (and what we can learn from it) and the role of serverless architectures today (and what it means for application surface area). They wrap up with security hygiene best practices for OSS and serverless.

Why listen to this podcast:

- The majority of security vulnerabilities that exist in applications today come from vulnerable third-party libraries, rather than the application's own code.
- An application shouldn't permit a total leak of all data because of a single vulnerability: defence in depth is important.
- Equifax couldn't have failed more spectacularly in the way they handled it.
- The Equifax hack serves as a wake-up call to pay attention to vulnerabilities in dependencies.
- If your build system automatically breaks the build when a dependency vulnerability is found, the fix will be applied sooner.