
Dan Lorenc
Advocating for better CVE enrichment and awareness in software ecosystem
Top 3 podcasts with Dan Lorenc
Ranked by the Snipd community

May 3, 2024 • 60min
Chainguard: Building Secure Container Images
Dan Lorenc, from Chainguard, shares insights on creating secure container images, emphasizing the importance of minimalism to enhance security. He discusses the ramifications of the recent XZ supply chain attack and how Chainguard addresses vulnerability management. Dan highlights the benefits of their zero CVE approach, the launch of Chainguard images on Docker Hub, and the need for proactive security practices. He also elaborates on tools for reducing attack surfaces and the significance of frameworks like SLSA in bolstering software security.

Mar 22, 2024 • 29min
S6E11: Josh Bressers & Dan Lorenc - Untangling the NVD Chaos
Experts discuss the drama around NVD and its impact on vulnerability management. They highlight concerns about lack of CVE enrichment and the grassroots effort to raise awareness. The podcast explores the underfunding and oversight of critical software ecosystem components. Future solutions from NIST/NVD, government, and industry are discussed to resolve the issue.

Nov 2, 2023 • 1h 20min
Securing Open Source Software with Dan Lorenc, Co-founder & CEO of Chainguard
Dan Lorenc, Co-founder and CEO of Chainguard, talks about the software supply chain and the vulnerabilities it poses. He discusses the history of open source software, the moment they decided to start Chainguard, and why they started selling consulting services before building a product. Dan also shares insights on their marketing strategy, raising funding, and the challenges and risks in open source software.