Snyk: Open Source Security with Guy Podjarny

The software supply chain includes cloud infrastructure, on-prem proprietary solutions, APIs, programming languages, networking products, and open source software. 

Each of these software categories has its own security vulnerabilities, and each category has tools that can help protect a company from attackers who are trying to exploit known vulnerabilities. As open source software has grown in popularity, it has turned into an enormous potential attack surface that is difficult to protect.

Snyk is a company that builds security tools for companies that are consuming open source. Guy Podjarny is the CEO of Snyk, and he joins the show to discuss the security vulnerabilities of open source projects and how his business works. Guy was previously the CTO of Akamai, so he has significant experience in technical leadership. He is also the host of the podcast The Secure Developer, which I recommend for anyone who is interested in technical interviews about security topics.
