The Evolution Exchange Cyber Security Podcast

Evo Cyber Security #46 - Application Security Risks in Open Source Supply Chains

Aug 23, 2023

Experts Veroniki Stamati-Koromina, Sean Wright, Keith Batterham, and Chris Jackson discuss the risks and vulnerabilities in open source supply chains. They emphasize the need for managing risks, prioritizing and remediating issues, and the potential for hidden malicious code in libraries. The speakers also highlight the importance of effective communication, evaluating vulnerabilities beyond CVSS scores, and the significance of knowledge in the recruitment industry.

28:32

Creator website

Episode guests

Chris Jackson

Keith Batterham

Sean Wright

Veroniki Stamati-Koromina

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Fast development often leads to including open source codes, introducing unknown security risks.

Properly assessing vulnerable code and communicating product risks to organizational leadership are crucial.

Deep dives

The Risk of Open Source Supply Chains

The discussion revolves around the risks organizations face when utilizing open source solutions. The guests discuss how the need for fast development often leads to the inclusion of open source codes, repositories, and libraries. However, this introduces security risks as the security standards and vulnerabilities of those components may be unknown. The increasing reliance on open source supply chains also heightens the organization's exposure to technology security risks, potentially introducing vulnerabilities beyond their control.

Introduction

2min

Open Source Supply Chain Risks and Vulnerabilities

10min

Discussing S Bonds and the Importance of a Layered Approach to Application Security

2min

Effective Communication for Addressing Application Security Risks

9min

Evaluating Vulnerabilities in Open Source Supply Chains

4min

Metrics, Knowledge, and Podcast Invitations

2min

Join host Gareth Davies in Episode 46 of Evo Cyber Security as he delves into the critical topic of "Application Security Risks in Open Source Supply Chains." In this episode, experts from the field, Veroniki Stamati-Koromina of Flutter Entertainment, Sean Wright of Featurespace, Keith Batterham from Kontex, and Chris Jackson of Flo Health, provide invaluable insights into the challenges and solutions within application security. Learn from these industry leaders as they discuss the ever-evolving landscape of cyber threats and how organizations can protect their software in an open-source world.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

The Evolution Exchange Cyber Security Podcast

Evo Cyber Security #46 - Application Security Risks in Open Source Supply Chains

Episode guests