Jack Cable, a senior technical advisor at CISA specializing in open source software security, and Zach Steindler, a principal engineer at GitHub focused on supply chain security, dive into the critical topic of package repository security. They discuss the significance of secure package management in the open-source ecosystem and highlight their recently published best practices guide. Their conversation includes insights on trusted publishing, community engagement for newcomers, and the lighthearted debate on personal tech preferences, showcasing their expertise and camaraderie.

Guest Jack Cable, Senior Technical Advisor at CISA, discusses Blast-RADIUS attack, Russian disinformation, and AI use in classrooms. Microsoft and Apple change OpenAI board seats. Australia reviews tech security. Patch Tuesday updates. CISA's Secure by Design Alert series highlighted. Plus, a cyber expert's geeky wedding.

Three senior advisors from CISA discuss the importance of secure software code and explore the ongoing research and open questions for establishing a secure-by-design standard. They delve into the concept of secure-by-design, the lack of security training in top schools, and the importance of field tests. The application of principles, gaps in knowledge, measuring security, and the need for data are also discussed.