Open Source Security - Is Everyone Just Making the Same Mistakes?

In this episode we speak to Thomas Ptacek, currently a software engineer at Fly.io and previously a co-founder at security firms Latacora and Matasano Security. We discuss the state of software security in sectors like energy and healthcare,  how software developers should think about supply chain risk, and what they should do about securing their dependencies. We also explore how security threats have changed over the years, and what developers working on open source should do to improve their own security.

About Thomas Ptacek

Thomas Ptacek is a leading security researcher. Best known as one of the co-founders of Matasano Security, which was prior to its acquisition by NCC Group one of the largest software security firms in the US. Working in software security since 1995, Thomas was a member of the industry’s first commercial vulnerability research lab - Secure Networks. Thomas is currently a software engineer at Fly.io

Other things mentioned:

• Django
• NodeJS
• React
• Deno
• Okta
• Google cloud authentication
• Tailscale
• WireGuard
• Server-side request forgery
• Burp Suite
• Black Hat
• Emacs Tramp Mode
• Magit

Let us know what you think on Twitter:

https://twitter.com/consoledotdev

https://twitter.com/davidmytton

https://twitter.com/tqbf

Or by email: hello@console.dev

About Console

Console is the place developers go to find the best tools. Our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don’t have to. 

Sign up for free at: https://console.dev

Recorded: 2021-10-19.