Back

#87

October 10, 2022

Next Special - Log4j Reflections, Software Dependencies and Open Source Security

Guest:

Dr Nicky Ringland, Product Manager for Open Source Insights, Google

23:23

This is our special podcast series for Google Cloud Next 2022 (1 of 4).

Subscribe at Google Podcasts.

Subscribe at Spotify.

Subscribe at Apple Podcasts.

Topics covered:

Let's talk Open Source Software - are all these dependencies dependable?
Why was log4j such a big thing - at a whole ecosystem level?
Was it actually a Java / Maven problem? Are other languages “better” or more secure?
Is another log4j inevitable? What can organizations to minimize their own risks?

Resources:

Security at Google Cloud Next 2022
Open Source Insights at deps.dev
Blog at blog.deps.dev with posts on Understanding the Impact of Apache Log4j Vulnerability and what happens After the Advisory
Assured Open Source Software service

Do you have something cool to share? Some questions? Let us know:

language Web cloud.withgoogle.com/cloudsecurity/podcast
mail_outline Mail cloudsecuritypodcast@google.com
Twitter @CloudSecPodcast
Download podcast

View more episodes