Security & Software Supply Chain, with Feross Aboukhadijeh (Socket) - S03E05
Console DevTools
English - July 07, 2022 06:15 - 31 minutes - 43.9 MB - ★★★★★ - 7 ratingsTechnology Business Entrepreneurship api cloud coding developer tools developers devops devtools open source programming software Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
In this episode we speak to Feross Aboukhadijeh, CEO of Socket.dev, a software supply chain security company. We discuss the risks of using third party dependencies, how JS and NPM could improve their approach to security, whether trust in open source is eroding, and how to improve the overall security posture of your application.
About Feross Aboukhadijeh
Feross is the founder and CEO of Socket, where he's working on a new approach to open source supply chain security. Feross is the author and maintainer of WebTorrent, StandardJS, and 100s of other open source projects which are downloaded 500+ million times per month. Feross is a lecturer at Stanford University where he teaches CS 253 Web Security. Socket, the company Feross started, is auditing every package on npm to detect suspicious changes and block software supply chain attacks. Hundreds of companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.
Other things mentioned:
SocketWebTorrentStandard JSnpmJSTypescriptPrettierDependabotMacBook Pro M1Studio displayLogitech mouseLet us know what you think on Twitter:
https://twitter.com/consoledotdev
https://twitter.com/davidmytton
Or by email: [email protected]
About Console
Console is the place developers go to find the best tools. Our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don’t have to.
Sign up for free at: https://console.dev
Recorded: 2022-04-06.