Josh and Kurt talk about a listener provided question. Could SELinux have stopped the SolarWinds attack? Given what we know, the answer is technically yes, but practically no. SELinux is awesome, but it’s very difficult to sandbox something like a build system. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_278_Could_SELinux_have_stopped_SolarWinds.mp3 Show Notes Gone in 60 milliseconds
Josh and Kurt talk to Loris Degioanni and Dan from Sysdig. Sysdig are the minds behind Falco, an amazing open source runtime security engine. We talk about where their technology came from, they huge code donation to the CNCF and what securing a modern infrastructure looks like today. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_262_A_discussion_with_Loris_and_Pop_from_Sysdig.mp3 Show Notes Sysdig Falco Loris’ Twitter Dan “Pop” Popandrea’s Twitter Sysdig contributes Falco’s kernel module, eBPF probe, and libraries to the CNCF pdig Sysdig 2021 container security and usage report: Shifting left is not enough
Josh and Kurt talk about Google’s new confidential VMs. The AMD Secure Encrypted Virtualization is the technology that makes it all possible. What is SEV, how does it work, and why should you care? This technology is going to be the future of the cloud. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_206_Confidential_Virtual_Machines_The_future_of_cloud_computing.mp3 Show Notes Google confidential VMs AMD SEV SEV vs SGX Show Tags #confidentialcomputing