AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
11min chapter
Risky Business #736 -- Azure misconfigurations are 2024's looming threat
Risky Business
Detecting and Blocking Malicious Packages in Public Registries
Exploration of challenges in detecting and blocking malicious packages in JavaScript, Python, and Go ecosystems, including typo squatting and dependency confusion attacks. Discussion on the impact of GitHub's lack of malware takedown information in their advisories database and the benefits of tools that track takedowns for identifying risks in dependencies. Insights on the risks posed by legacy security tools in supply chain attacks, emphasizing the need for a proactive security strategy like Socket for real-time package analysis.
00:00
Transcript
Episode notes
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode