AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
#457: Software Supply Chain Security with Phylum
Talk Python To Me
Securing Software Dependencies in Python
17min Snip
00:00
Summary
Transcript
Episode notes
The chapter explores the risks and tactics used by threat actors in the realm of software supply chain security, including typo squatting and star jacking. It emphasizes the importance of specifying exact versions or hashes for package dependencies to mitigate vulnerabilities. Additionally, it discusses the implementation of security measures using tools like GitHub actions and Bilem to safeguard against malicious code in open-source software.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode