Corbado is an authentication platform that provides APIs for developers to replace passwords with passkeys such as Face ID or Touch ID. Vincent Delitz is a Co-Founder at Corbado and he joins the show to talk about the platform, the changing aut

SimpleWebAuthn with Matthew Miller

Feb 14th, 2024 1h 4m

SimpleWebAuthn is an open source TypeScript-centric pair of libraries – frontend and backend – that make it easier for devs to implement WebAuthn on the web. Matthew Miller started the project in 2019 and it has grown in tandem with the popular

OpsHelm with Kyle McCullough

Jan 17th, 2024 35m 22s

Security issues can often be traced back to small misconfigurations in a database or cloud service, or an innocent code commit. OpsHelm is a security platform that’s oriented around identifying and fixing these issues. Kyle McCullough is the Co

Apiiro Security Posture Management with Yonatan Eldar

Jan 3rd, 2024 42m 54s

Software supply chain security is a major challenge in the modern engineering environment. Many teams are working to establish best practices to proactively identify, fix, and prevent risks in their applications. Apiiro is a platform designed t

Blocking Ransomware Attacks with Anthony Cusimano

Dec 21st, 2023 47m 22s

Ransomware attacks involve the deployment of malware that blocks access to a user’s or organization’s computer files by encrypting them. The attackers then demand a ransom payment in exchange for the decryption key that will restore access to t

Software Supply Chain Security with Michael Lieberman

Dec 6th, 2023 43m 6s

One of the most famous software exploits in recent years was the SolarWinds attack in 2020. In this attack, Russian hackers inserted malicious code into the SolarWinds Orion system, allowing them to infiltrate the systems of numerous corporatio

KubeCon Special: Sigstore with Santiago Torres-Arias

Dec 3rd, 2023 42m 15s

This episode of Software Engineering Daily is part of our on-site coverage of KubeCon 2023, which took place from November 6th through 9th in Chicago. In today’s interview, host Jordi Mon Companys speaks with Santiago Torres-Arias who is a cont

The Future of HTTP with Nick Shadrin and Roman Arutyunyan

Oct 11th, 2023 40m 43s

The Hypertext Transfer Protocol, or HTTP, is used to load webpages using hypertext links, and it’s the foundation of the web. Tim Berners-Lee famously created HTTP version 0.9 in 1989, and defined the essential behavior of a client and a server

Minimum Viable Security for Cloud Apps with David Melamed

Sep 12th, 2023 44m 40s

Cloud applications continue to grow in popularity, but ensuring the security of these applications often presents a formidable engineering challenge. This challenge motivated the creation of Jit. Jit is a continuous security platform for develo

Trusted Software Supply Chain with Vincent Danen

Jul 5th, 2023 44m 45s

Available as a cloud service, Red Hat Trusted Software Supply Chain provides a DevSecOps framework to create applications more securely. Vincent Danen is the VP of Product Security at Red Hat and joins us in this episode. Red Hat has been a Sec

Software Supply Chain with Feross Aboukhadijeh

May 16th, 2023 38m 32s

The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security

Kubernetes Security with Ian Coldwater

May 8th, 2023 32m 47s

Ian Coldwater is a DevSecOps engineer turned red teamer who specializes in breaking and hardening Kubernetes, containers, and cloud native infrastructure. In their spare time, they like to go on cross-country road trips, capture flags, and eat

Seamless SecOps with Jack Naglieri

Mar 22nd, 2023 44m 35s

A SIEM platform provides organizations with a powerful tool for improving their security posture, by providing insights into potential security threats and enabling proactive security measures. Panther is a Cloud based security monitoring platf

Bridgecrew: Cloud Security with Guy Eisenkot

Sep 20th, 2022 43m 14s

Cloud computing provides tools, storage, servers, and software products through the internet. Securing these resources is a constant process for companies deploying new code to their cloud environments. It’s easy to overlook security flaws beca

Panther: Security as Code with Jack Naglieri

Sep 8th, 2022 47m 18s

Originally published on August 23, 2021. Application security is usually done with a set of tools and services known as SIEM – Security Information and Event Management. SIEM tools usually try to provide visibility into an organization’s securi

WorkOS with Michael Grinich

Jul 6th, 2022 31m 51s

Enterprise-grade authentication is often an essential ingredient to virtually all applications in today’s world. However, companies often have a hard time understanding the value of that authentication especially during the early stages of prod

Kubernetes Security Compliance with Jimmy Mesta

Jun 1st, 2022 43m 36s

The Kubernetes ecosystem has drastically changed how development teams ship software. While Kubernetes has provided many advancements in cloud infrastructure, it has also left organizations with massive security blindspots. KSOC was created to

JavaScript Supply Chain with Feross Aboukhadijeh

Apr 23rd, 2022 45m 18s

The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and the long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an en

Software Supply Chain with Barak Schoster

Mar 11th, 2022 45m 43s

The software supply chain consists of packages, imports, dependencies, containers, and APIs. These different components each have unique security risks. To ensure the security of their software supply chain, many developers use tools to analyze

Snyk Engineering with Guy Podjarny

Feb 7th, 2022 49m 15s

Snyk is a platform for security that started with open source scanning and has expanded into container security, infrastructure as code, and other products. Snyk is a simple product to use, but has hidden complexities that build large data stru

The State of Software Supply Chain 2021 with Ilkka Turunen

Dec 14th, 2021 51m 14s

Everyone is becoming increasingly aware of supply chains for physical goods. Software has its own supply chain. A supply of open source solutions exists as does a demand for these solutions by industry. Both have surely grown, but it would b

Tetrate Service Bridge with Zack Butcher

Dec 3rd, 2021 50m 38s

Microservice architecture has become a ubiquitous design choice. Application developers typically have neither the training nor the interest in implementing low-level security features into their software. For this and many other reasons, the

Deploying Computer Vision to the Edge at Anduril Industries with Forrest Iandola

Nov 17th, 2021 55m 25s

Neural networks, in particular, deep neural networks have revolutionized machine learning. Researchers and companies have pushed on the efficiency of every aspect of the machine learning lifecycle. The impact of the trained models is particul

Deploying Computer Vision to the Edge at Anduril Industries with Forrest Iandola

Nov 17th, 2021 48m 36s

#FREEZUCK | ?masked…?… !(DOCTORS)!!

Nov 10th, 2021 2m 45s

Software Engineering Daily invites Owen Frank Davis, Paul Davis, Kyle Davis, and Robbie Davis for a joint interview on the subject of reproduction and teething, as well as Lisch fascitis. Aledade and Kubernetes are both inconsiderate ideas for