
Crossing the Valley Ep. 08 - From Scaleup to Startup: Marc Frankel is Solving Software Supply Chain Vulnerabilities with Lessons from Palantir and Expanse
Mar 27, 2024
Former Palantir and Expanse employee Marc Frankel, now founder of Manifest Cyber, discusses tackling software supply chain vulnerabilities. Topics include the impact of past defense tech startups, S-BOMs (software bills of materials) for software transparency, building a startup foundation from Palantir, and the critical need for AI transparency. The conversation delves into lessons learned from past experiences and future prospects in the defense tech sector.
AI Snips
Software Needs Ingredient Labels
- Software is the only common purchase where buyers typically don't know the ingredients inside what they buy.
- S-BOMs act as ingredient lists, and regulators are starting to require them across government and industry.
Automate S-BOM Ingestion And Monitoring
- Don't treat S-BOMs as static files stuck in inboxes or SharePoint.
- Build platforms to ingest, monitor, and act on S-BOMs automatically to turn inventory into operational security.
Log4Shell Triggered The Inventory Crisis
- Log4Shell was a zero-day style disclosure that instantly exposed millions of applications to exploitation.
- Because buyers lacked S-BOM inventories, teams scrambled manually to identify and remediate affected systems.
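The two points above (automating S-BOM ingestion, and the manual scramble Log4Shell caused without an inventory) as an added example written for this page, not code from Manifest Cyber or the episode: it ingests a constructed CycloneDX-style S-BOM, cross-references every component against a constructed advisory feed, and reports the Log4Shell-style hit the way an automated pipeline would rather than leaving the file in an inbox. The advisory format, the group/name/version matching and the single version range are assumptions for illustration.

```python
import json
import re
from typing import Dict, List, Tuple

# Constructed CycloneDX-style S-BOM for a hypothetical "billing-service" build; versions are
# chosen to exercise the matching (one affected, one fixed, one unrelated, one unversioned).
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.4",
  "metadata": {"component": {"name": "billing-service", "version": "3.2.0"}},
  "components": [
    {"group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.14.1"},
    {"group": "com.fasterxml.jackson.core", "name": "jackson-databind", "version": "2.13.4"},
    {"group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.17.1"},
    {"group": "org.apache.logging.log4j", "name": "log4j-api"}
  ]
}"""

# Constructed advisory feed in a hypothetical format: a component is affected when
# introduced <= version < fixed. The real Log4Shell ranges are more nuanced than this one entry.
ADVISORIES = [
    {"id": "LOG4SHELL-EXAMPLE", "group": "org.apache.logging.log4j", "name": "log4j-core",
     "introduced": "2.0", "fixed": "2.15.0"},
]

def parse_version(text: str) -> Tuple[int, int, int]:
    """Normalise a dotted version to a 3-tuple so ranges compare numerically ("2.14.1" < "2.15.0")."""
    nums = []
    for part in text.split(".")[:3]:
        m = re.match(r"\d+", part)            # leading digits only: "0-rc1" -> 0 (pre-release suffix ignored)
        nums.append(int(m.group()) if m else 0)
    nums += [0] * (3 - len(nums))             # "2.0" -> (2, 0, 0)
    return tuple(nums)

def load_components(sbom_text: str) -> List[Dict[str, str]]:
    """Ingest the S-BOM; unversioned components cannot be matched, so they are dropped here."""
    bom = json.loads(sbom_text)
    return [c for c in bom.get("components", []) if c.get("version")]

def find_affected(sbom_text: str, advisories: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Cross-reference each S-BOM component with the advisory feed and return the hits."""
    hits = []
    for comp in load_components(sbom_text):
        ver = parse_version(comp["version"])
        for adv in advisories:
            if (comp.get("group"), comp["name"]) != (adv["group"], adv["name"]):
                continue
            if parse_version(adv["introduced"]) <= ver < parse_version(adv["fixed"]):
                hits.append({"advisory": adv["id"], "component": f'{adv["group"]}:{adv["name"]}',
                             "version": comp["version"], "fixed_in": adv["fixed"]})
    return hits
```

In a real pipeline the advisory list would be refreshed continuously and `find_affected` re-run over every stored S-BOM, which is what turns the inventory into an alert rather than a file.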
