What's in the SOSS? An OpenSSF Podcast Teaching the Next Generation: Software Supply Chain Security in Academia with Justin Cappos
On this episode of "What's in the SoSS," Yesenia Yser sits down with Justin Cappos, NYU professor and self-described "OG software supply chain guy" who's been working in this space since 2002. Justin reveals why most universities fail to teach fundamental security practices—from MFA to code signing—and how his groundbreaking software supply chain security course is creating some of the top 500 most qualified professionals in the world. We discuss the challenges of keeping curriculum current in a rapidly evolving field, the "throw them in the deep end" approach to teaching open source collaboration, and Justin's vision for transforming security education across institutions nationwide through the Linux Foundation's Academic Computing Acceleration Program.
Episode links:
- Justin Cappos NYU Professor Page
- NYU Tandon School of Engineering
- Linux Foundation Academic Computing Accreditation
- OpenSSF Education
- CNCF Tag Security
- Get involved with the OpenSSF
- Subscribe to the OpenSSF newsletter
- Follow the OpenSSF on LinkedIn
Chapters
00:24 - Introduction & Guest Welcome
01:49 - The SolarWinds Effect
02:01 - Aligning with Linux Foundation's Academic Program
04:06 - Critical Gaps in Traditional CS Education
06:35 - Teaching Open Source Culture
10:45 - Career Impact & Student Success
13:52 - Adapting to AI & Rapid Industry Change
16:30 - Vision for the Next 5-10 Years
19:52 - Rapid Fire Round
20:52 - Final Advice & Closing