How To Secure Open-Source Dependencies - BONUS

12/16/22 • 43 min

Supply chain security, a subset of supply chain management, is concerned with the risk management of third-party vendors, suppliers, logistics, and transportation.
Stephen Chin is the Head of Developer Relations at JFROG. He is also a Speaker and the Author of DevOps Tools for Java Developers. Stephen joins Chuck for this bonus episode to talk about Supply Chain Security and Pyrsia.io. He begins by sharing some instances of how attackers are able to access different companies’ assets, software, systems, and others.
Additionally, Stephen offers solutions on how to prevent or eliminate those attacks. Pyrsia.io is a solution that secures open-source builds and distribution with the goal of securing the software supply chain of open-source dependencies.
Links

Advertising Inquiries: https://redcircle.com/brands
Privacy & Opt-Out: https://redcircle.com/privacy

Advertising Inquiries: https://redcircle.com/brands
Privacy & Opt-Out: https://redcircle.com/privacy

Previous Episode

SwampUp: Process for Fixing System Issues & Delivering Integrations Efficiently - DevOps 141

Join Chuck Wood as he hosts the DevOps episode this week to do an interview with one of the SwampUp speakers. SwampUp is an in-person DevOps event organized by JFrog. Fernando Babadopulos is an Eternal software developer, serial entrepreneur, and speaker. He is also the Co-Founder at the tail.digital. He talks about a plugin that they developed, how it works and how developers can benefit from it.
About this Episode

All about JFrog's X-ray Integration
How the plugin resolves system issues
Process of creating a plugin

For the second part of this episode, Chuck Wood interviews other SwampUp speakers. Eli Aleyner and Sergei Egorov are both the Co-founders of AtomicJar. The goal of AtomicJar is to create developer-friendly tools that will improve automated testing.
About This Episode

The basics of Integration Testing
All about Test Containers
Test containers' benefit to developers

Next Episode

Learning How To Learn - DevOps 142

As a developer, you should “Focus on solving business problems rather than technical expertise”. The panel joins the show to talk about Will’s YouTube video, “Don’t Do DevOps”. They offer their advice on how to advance with your career and expertise when a certain tool, framework, or language you’re focused on is suddenly not your company’s focus. As new developers grow in their careers, they also share tips on how to specialize in a particular area and learn the "basics" especially when you're starting your career.
Sponsors

Links