
The Evolution Exchange Cyber Security Podcast
Evo Cyber Security #46 - Application Security Risks in Open Source Supply Chains
Aug 23, 2023
Experts Veroniki Stamati-Koromina, Sean Wright, Keith Batterham, and Chris Jackson discuss the risks and vulnerabilities in open source supply chains. They emphasize the need for managing risks, prioritizing and remediating issues, and the potential for hidden malicious code in libraries. The speakers also highlight the importance of effective communication, evaluating vulnerabilities beyond CVSS scores, and the significance of knowledge in the recruitment industry.
28:32
Podcast summary created with Snipd AI
Quick takeaways
- Pressure for fast development often leads teams to pull in open source code, introducing security risks that are not known up front.
- Properly assessing vulnerable code and communicating the resulting product risk to organizational leadership are crucial.
Deep dives
The Risk of Open Source Supply Chains
The discussion revolves around the risks organizations face when using open source solutions. The guests discuss how the need for fast development often leads to the inclusion of open source code, repositories, and libraries. However, this introduces security risk, because the security standards and vulnerabilities of those components may be unknown. The increasing reliance on open source supply chains also heightens an organization's exposure to technology security risk, potentially introducing vulnerabilities that are beyond its control.