Josh and Kurt talk about how to file 1000 security flaws. One is easy, scale is hard. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_248_Door_23_How_to_report_1000_security_flaws.mp3
Josh and Kurt talk about how to report one security flaw https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_247_Door_22_How_to_report_one_security_flaw.mp3
Josh and Kurt talk about bug bounties https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_246_Door_21_Bug_bounties.mp3
Josh and Kurt talk about if SMS 2 factor auth is better than no 2FA https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_245_Door_20_Is_SMS_2FA_better_than_no_2FA.mp3 Links Cyber deepfaked their host
Josh and Kurt talk about modern TLS certificate trust https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_244_Door_19_TLS_certificate_trust.mp3
Josh and Kurt talk about why it’s a horrible idea to roll your own crypto or auth https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_243_Door_18_Dont_roll_your_own_crypto_or_auth.mp3
Josh and Kurt talk about vulnerability response. What is it, what does it mean, how does it work https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_242_Door_17_Vulnerability_response.mp3
Josh and Kurt talk about the switch from 16 to 32 to 64 bit and even the changes from Intel to ARM https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_241_Door_16_16_bits_of_change.mp3
Josh and Kurt talk about supplier compliance https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_240_Door_15_Supplier_compliance.mp3 Links Annex A.15.1 of ISO 27001:2013 Episode 162 – SBOM with Allan Friedman
Josh and Kurt talk about backdoors in open source software https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_239_Door_14_Backdoors.mp3