Security Icon

Security

InfoSec, DevSec, Penetration Testing, etc.
144 Stories
All Topics

Founders Talk Founders Talk #71

From acquisition to full conviction

Guy Podjarny is the Founder of Snyk, a security platform that empowers software-driven businesses to develop fast and stay secure. Prior to Snyk, Guy founded Blaze which was acquired by Akamai and became CTO. We talked through the topic of acquisition — the sale, the merge, the learnings, and why Guy might not be planning for Snyk to be acquired anytime soon. We started the conversation with Snyk’s recent raise of $150 million dollars.

The Changelog The Changelog #389

Securing the web with Let's Encrypt

We’re talking with Josh Aas, the Executive Director of the Internet Security Research Group, which is the legal entity behind the Let’s Encrypt certificate authority. In June of 2017, Let’s Encrypt celebrated 100 Million certificates issued. Now, just about 2.5 years later, that number has grown to 1 Billion and 200 Million websites served. We talk with Josh about his journey and what it’s taken to build and grow Let’s Encrypt to enable a secure by default internet for everyone.

The Changelog The Changelog #377

Meet Algo, your personal VPN in the cloud

The commercial VPN industry is a minefield to navigate and many open source solutions are a pain to use or ill-suited for the task. Algo VPN, on the other hand, is a self-hosted personal VPN designed for ease of deployment and security. It uses the securest industry standards, builds on rock-solid solutions like WireGuard and Ansible, and runs on an ever-growing list of cloud hosting providers.

On this episode Dan Guido –CEO of security firm Trail of Bits and Algo’s creator– joins Jerod to discuss the project in depth.

The Changelog The Changelog #326

The insider perspective on the event-stream compromise

Adam and Jerod talk with Dominic Tarr, creator of event-stream, the IO library that made recent news as the latest malicious package in the npm registry. event-stream was turned malware, designed to target a very specific development environment and harvest account details and private keys from Bitcoin accounts.

They talk through Dominic’s backstory as a prolific contributor to open source, his stance on this package, his work in open source, the sequence of events around the hack, how we can and should handle maintainer-ship of open source infrastructure over the full life-cycle of the code’s usefulness, and what some best practices are for moving forward from this kind of attack.

The Changelog The Changelog #325

A good open source password manager? Inconceivable!

Perry Mitchell joined the show to talk about the importance of password management and his project Buttercup — an open source password manager built around strong encryption and security standards, a beautifully simple interface, and freely available on all major platforms.

We talked through encryption, security concerns, building for multiple platforms, Electron and React Native pros and woes, and their future plans to release a hosted sync and team service to sustain and grow Buttercup into a business that’s built around its open source.

0:00 / 0:00