AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
What's in the SOSS? An OpenSSF Podcast
Google’s Andrew Pollock and Addressing Open Source Vulnerabilities
Aug 13, 2024
12:16
Episode description: Andrew Pollock is a Senior Software Engineer at Google, currently working on https://osv.dev. With a background as an Enterprise Security Engineer, he has extensive experience in large-scale Linux Systems Administration and GCP Security. Andrew is passionate about the human factors in security, focusing on scalable solutions, great user experiences and self-service opportunities. He has primarily worked in Linux/Unix environments as a Site Reliability Engineer or Security Engineer, with a strong interest in process improvement and automation.
- 00:52 - Andrew shares his background as a “mid-90s data nerd”
- 02:31 - Managing vulnerabilities in the open source ecosystem
- 03:57 - How to navigate inconsistent metadata
- 06:26 - The challenge of source attribution
- 07:54 - The rapid-fire round
- 09:15 - Andrew’s advice to open source developers
- 10:22 - Andrew’s call to action to developers
Episode links:
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode