The Evolution Exchange Cyber Security Podcast

Evo Cyber Security #46 - Application Security Risks in Open Source Supply Chains

Aug 23, 2023

Experts Veroniki Stamati-Koromina, Sean Wright, Keith Batterham, and Chris Jackson discuss the risks and vulnerabilities in open source supply chains. They emphasize the need for managing risks, prioritizing and remediating issues, and the potential for hidden malicious code in libraries. The speakers also highlight the importance of effective communication, evaluating vulnerabilities beyond CVSS scores, and the significance of knowledge in the recruitment industry.

28:32

Creator website

Episode guests

Chris Jackson

Keith Batterham

Sean Wright

Veroniki Stamati-Koromina

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Fast development often leads to including open source codes, introducing unknown security risks.

Properly assessing vulnerable code and communicating product risks to organizational leadership are crucial.

Deep dives

The Risk of Open Source Supply Chains

The discussion revolves around the risks organizations face when utilizing open source solutions. The guests discuss how the need for fast development often leads to the inclusion of open source codes, repositories, and libraries. However, this introduces security risks as the security standards and vulnerabilities of those components may be unknown. The increasing reliance on open source supply chains also heightens the organization's exposure to technology security risks, potentially introducing vulnerabilities beyond their control.

Introduction

2min

Open Source Supply Chain Risks and Vulnerabilities

10min

Discussing S Bonds and the Importance of a Layered Approach to Application Security

2min

Effective Communication for Addressing Application Security Risks

9min

Evaluating Vulnerabilities in Open Source Supply Chains

4min

Metrics, Knowledge, and Podcast Invitations

2min

Join host Gareth Davies in Episode 46 of Evo Cyber Security as he delves into the critical topic of "Application Security Risks in Open Source Supply Chains." In this episode, experts from the field, Veroniki Stamati-Koromina of Flutter Entertainment, Sean Wright of Featurespace, Keith Batterham from Kontex, and Chris Jackson of Flo Health, provide invaluable insights into the challenges and solutions within application security. Learn from these industry leaders as they discuss the ever-evolving landscape of cyber threats and how organizations can protect their software in an open-source world.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

The Evolution Exchange Cyber Security Podcast

Evo Cyber Security #46 - Application Security Risks in Open Source Supply Chains

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Risk of Open Source Supply Chains

Managing the Risk of Dependencies

Communicating Product Risks to Leadership

Remember Everything You Learn from Podcasts