
Jamstack Radio
Ep. #101, Supply Chain Security with Feross Aboukhadijeh of Socket
May 19, 2022
Feross Aboukhadijeh of Socket shares insights on supply chain security, discussing npm package vulnerabilities, the importance of safeguarding open source elements, and tools like soc.dev. The episode also explores internet crime, security podcasts, coffee culture, and using a Burr Coffee Grinder for enhanced flavor.
34:18
Podcast summary created with Snipd AI
Quick takeaways
- Maintaining secure build servers is vital for software teams to combat supply chain vulnerabilities.
- Socket.dev provides a unique tool to detect malicious behavior in code changes, enhancing open-source supply chain security.
Deep dives
Understanding the Software Supply Chain
The podcast delves into the concept of the software supply chain, highlighting the origin of code used in applications and the factors determining its trustworthiness. It emphasizes the importance of secure build servers, code integrity from production to the final app artifact, and ensuring overall safety.