Wicked Good Development is dedicated to the future of open source. This space is to learn about the latest in the developer community and talk shop with OSS innovators and experts in the industry.
Our inaugural episode brings together 3 industry experts with different views on the world of software to talk about what we’ve learned from Log4j to today, what the fallout continues to be for teams tackling remediation, and how this one open source vulnerability has changed the world view on open source supply chains. We also discuss general update behaviors in the development community and the risks associated with using old code, as well as the silent industrial revolution, especially the question of who bears the burden of maintaining open source software.
Listen to the Episode
Wicked Good Development is available wherever you find your podcasts.
Show notes
Guests
- Brian Fox, CTO and Co-founder
- Ilkka Turunen, Field CTO
- Adam Cazzolla, Engineering Manager, Security Research
Hosts
Topics Discussed
Log4J, Vulnerability remediation, Upstream software security, Software security & Government
References
- Herd Migration Patterns: https://www.sonatype.com/resources/state-of-the-software-supply-chain-2021#counter3
Transcript
Kadi
Hey everyone, my name is Kadi Grigg and welcome to our project podcast. This is a space to learn about the latest in the developer community and talk shop with OSS experts in the industry.
Omar
Hola, my name is Omar and I’ll be your co-host. We’re dedicated to the future of open source and want to bring you the latest in open source.
Kadi
In this episode today, in this conversation, we have Brian Fox, CTO of Sonatype, Adam Cazzolla, Senior Researcher, and Ilkka Turunen, Field CTO. We are here to talk about Log4J, but before we jump into that, can you tell us all a little bit about who you are