JavaScript Supply Chain with Feross Aboukhadijeh

The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security, in a stagnant part of the industry that has historically been obsessed with just reporting on known vulnerabilities. Feross Aboukhadijeh is the founder and CEO of Socket Security. He joins the show to talk about Socket’s approach to detecting and blocking supply chain attacks.

 

Transcript

Transcript provided by We Edit Podcasts.

