Dependabot

Josh and Kurt talk to Joylynn Kirui about DevSecOps in the Microsoft universe. Joylynn gives us an overview of the current state of devops and tells us about some of the tools Microsoft has made available to the open source universe. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_363_Joylynn_Kirui_from_Microsoft_on_De_SecOps.mp3 Show Notes Joylynn Kirui Joylynn on DVT Tech Insights Episode 174 - a chat with GitHub about CodeQL S2C2F Azure Open Source Day

Josh and Kurt talk about some security gifts for boxing day. We start out with the idea of the security poverty line and discuss a few ideas for how a low resource group can make their open source more secure. There are no simple answers unfortunately. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_355_Security_Boxing_Day.mp3 Show Notes Wendy Nather Security Poverty Line Boots Theory