OpenSourceSecurity

I had a discussion with Dick Brooks about government regulations and open source software security. The conversation covered the frameworks that affect enterprise software, users of open source, and open source developers. At the moment, all these regulations don’t mean a ton for open source developers, which is good news. Dick is the co-founder of Business Cyber Guardian and former enterprise architect at ISO New England. He’s a self proclaimed old school software engineer who worked at Digital Equipment Corporation. These days Dick is involved in working on secure development programs with governments around the world. ...

I met Gary Kramlich a few years ago at the CypherCon security conference and we now chat on signal about open source things. When I started Open Source Security I knew he was one of the people I wanted to talk to about what it looks like to keep a project, codebase, and community alive for more than a decade. Gary is the lead developer of the Pidgin chat program. You can find him at reaperworld.com ...

I had a discussion with Thomas Depierre about his experience with safety and how safety concepts can apply to the field of security. Thomas is an experienced SRE with a background in safety, he has thoughts into how people prevent disasters constantly, often without realizing it. You can find his blog at Software Maxims An audio version of this disucssion is also available in podcast format. Look for “Open Source Security” wherever you get your podcasts. ...