Three Buddy Problem

Chainguard's Dan Lorenc gets real on software supply chain problems

Oct 13, 2022

47:07

Creator website

Highlights

AI Chapters

Episode notes

SLSA Supply Chain Levels for Software Artifacts

01:47

Supply Chain Attacks Are Easier Than Old Ones

01:55

Are You Worried About the Utilities of Startups?

02:07

Introduction

2min

Supply Chain Attacks - What's Going on in China?

2min

Supply Chain Security Issues - Are We Really Seeing a Spike?

2min

Zero Trust Beyond Karp - What's Next?

2min

SLSA Supply Chain Levels for Software Artifacts

2min

What Happened to Open Source Software?

2min

Supply Chain Attacks Are Easier Than Old Ones

2min

Solar Wind Phones

2min

Supply Chain Attacks - Are We Addressing?

2min

10.

Supply Chain Security, Are We Addressing S-Bombs?

2min

11.

Are We Addressing the Integrity Problem?

3min

12.

What Is S Bomb Meant to Solve?

3min

13.

S Bombs Aren't Going to Be Great Right Away, Right?

2min

14.

S Bombs and Open Source Software Development

2min

15.

Supply Chain Issues - Hardware Roots of Trust

2min

16.

Are We Really Catching?

2min

17.

3min

18.

Are You Starting a Supply Chain Startup?

2min

19.

Are You Worried About the Utilities of Startups?

2min

20.

Chain Guard - What's the Chain of Trust?

3min

21.

Are You Getting Hit With S-Bombs?

3min

Episode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.

Dan Lorenc and a team or ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation.

Links:

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.