Hear more podcasts from Intel
Discover the latest technology, products, and services in the world of software development by tuning in to podcasts from Intel and the open source community.
The Open at Intel podcast is about all things open source, from software to security to artificial intelligence to Linux and beyond. Each episode brings you fresh perspectives with sophisticated, leading-edge, free-ranging conversations from some of the best minds in the open source community.
Wednesday Jul 26, 2023
Wednesday Jul 26, 2023
Wednesday Jul 26, 2023
Cisco's Michael Chenetz, host of the Cloud Unfiltered podcast, joins us to talk through security challenges unique to Kubernetes, and the journey to the cloud native ecosystem for everyone from beginners to veterans.
Resources:
Overview of Cloud Native Security
Michael Chenetz is the head of technical product marketing and has lead cloud strategy in the CTO org for Cisco. Michael has consulted for many fortune 500 companies in Networking, Security, and Cloud. Michael is the host of the popular podcast, Cloud Unfiltered that discusses trends in cloud native technologies. You can find Michael speaking at most major cloud native events and online media outlets. |
Chris Norman An avid promoter of open source ecosystems, Chris writes documentation and presents at open source events, helping developers better understand Intel’s contributions to operating systems, languages, and runtimes. He also moderates the Clear Linux community forum. |
Wednesday Jul 12, 2023
Wednesday Jul 12, 2023
Wednesday Jul 12, 2023
Jessica Marz, Director of Intel's Open Source Program Office, discusses the role of the OSPO in securing the software supply chain and the role she plays in encouraging good open source citizenship.
Jessica Marz An expert at explaining legal concepts to software developers and software development concepts to lawyers, Jessica is responsible for defining and managing Intel’s open source approval policies and practices. She’s also an avid arts-and-crafter known for her creative reuse of materials. |
Wednesday Jun 28, 2023
Wednesday Jun 28, 2023
Wednesday Jun 28, 2023
The open source software ecosystem has always faced tough challenges related to community, governance, and scalability. More than ever before, much conversation about open source struggles is devoted to the security of the software supply chain, especially when considering the unique challenges of a distributed, often anonymous, community-based development team.
Josh Bressers, VP of Security at Anchore, fellow podcaster and Open SSF volunteer, joins us to talk about why, despite these challenges, open source isn't broken and how to address the very human aspects of open source security and communities.
Resources:
Avoiding the success trap: Toward policy for open-source software as infrastructure
All About SBOMs: The Software Bill of Materials
Open Source: The Nerd Version of Formula One
Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Josh is the co-lead of the OpenSSF SBOM Everywhere project and co-hosts the Open Source Security Podcast and the Hacker History Podcast. He also is the co-founder of the Global Security Database project to bring vulnerability identification into the modern age. |
Wednesday Jun 14, 2023
Wednesday Jun 14, 2023
Wednesday Jun 14, 2023
Jorge Castro of the Cloud Native Computing Foundation joins us to geek out on taking the desktop cloud native with immutable Linux, talk open source community sustainability, and have a lot of fun along the way.
Resources:
Jorge O. Castro is a community manager, specializing in Open Source. He's basically a cat herder – a combination of engineering, developer relations, and user advocacy. Jorge graduated with a degree in Telecommunications from Michigan State University and rode with the 11th Armored Cavalry Regiment for four years. He first entered the technology field at SAIC and then moved to system administration at the School of Engineering and Computer Science at Oakland University in Rochester Hills, Michigan. Jorge then joined Canonical to work on Ubuntu for about 10 years before moving to Heptio to work on Kubernetes. Heptio was then acquired by VMware in December 2018. He's currently at the CNCF working on developer relations. |
Chris Norman An avid promoter of open source ecosystems, Chris writes documentation and presents at open source events, helping developers better understand Intel’s contributions to operating systems, languages, and runtimes. He also moderates the Clear Linux community forum. |
Wednesday May 31, 2023
Wednesday May 31, 2023
Wednesday May 31, 2023
In this episode, we dive deep into the concept of attestation as it relates to building trust in our software and systems.
Marcela Melara and Vinnie Scarlata take us on a technical tour of both software and remote attestation and how these relate to ideas we've covered previously with software supply chain security and confidential computing. We talk trust and integrity, standards and projects, and share some best practices.
Dr. Marcela Melara is a research scientist in the Security and Privacy Group at Intel Labs. Her current work focuses on developing solutions for high-integrity software supply chains and building trustworthy distributed systems. She has several publications and patents filed related to her research, and leads a number of internal, academic and open-source efforts on software supply chain security. Prior to joining Intel, she received her PhD in Computer Science from Princeton University and did her undergraduate studies at Hobart and William Smith Colleges. She is a Siebel Scholar, a member of Phi Beta Kappa, and her research on CONIKS was awarded the Caspar Bowden PET Award. Outside of work, Marcela is an avid gardener, bookworm, hiker, and gamer. |
|
Vinnie Scarlata is a Principal Engineer in the Security & Privacy Research lab in Intel Labs. He is one of the architects for Intel® Software Guard Extensions and Trust Domain Extensions, and has 20+ years of research experience in various areas of security, e.g. Trusted Computing, Trusted Execution Environments (TEE), Attestation, Recoverable Platforms, Runtime Integrity, and Key Management. He has been granted 50+ patents and co-authored several papers. Vinnie received a MS in Information Security from Georgia Tech and a BS in Computer Science from the University of Massachusetts, Amherst. |
Wednesday May 17, 2023
Wednesday May 17, 2023
Wednesday May 17, 2023
Evaluating security risk associated with open source software projects can be a complex or even daunting task, but an Open Source Security Foundation project called OpenSSF Scorecard helps put some order and automation into the process.
In this episode, we chat with one of OpenSSF Scorecard's contributors, Brian Russell of Google, and Ryan Ware, Director of Open Source Security at Intel, about the problems Scorecard addresses, and how it might help improve the experience of developers and consumers of open source software. We'll take a deep dive into the automated security checks, how to use the data, and how to include Scorecards in a workflow.
Brian Russell is a Product Manager on Google’s Open Source Security Team. He focuses on software supply chain security and is actively involved in the OpenSSF Scorecards project. In his spare time, Brian enjoys 3D printing and Atari video game programming. |
|
Ryan Ware recently returned to Intel to focus on Open Source Software (OSS) security. He is currently helping drive Intel’s efforts in the Open Source Security Foundation (OpenSSF). Ryan is an industry veteran who has always worked at the intersection of open source software and security, be it implementing security features in open source software stacks, using open source software to find security vulnerabilities in software and hardware, or helping teams utilize OSS in a secure way. |
Wednesday May 03, 2023
Wednesday May 03, 2023
Wednesday May 03, 2023
In this episode, we discuss best practices for evaluating and consuming open source software with Ryan Ware, director of open source security at Intel. Ryan will share his wisdom earned over decades working with open source software security.
Ryan Ware recently returned to Intel to focus on Open Source Software (OSS) security. He is currently helping drive Intel’s efforts in the Open Source Security Foundation (OpenSSF). Ryan is an industry veteran who has always worked at the intersection of open source software and security, be it implementing security features in open source software stacks, using open source software to find security vulnerabilities in software and hardware, or helping teams utilize OSS in a secure way. |
Wednesday Apr 19, 2023
Wednesday Apr 19, 2023
Wednesday Apr 19, 2023
This episode explores an open source software vulnerability scanner called CVE Binary Tool, which scans binaries and component lists in your project and reports back known vulnerabilities based on data from NIST’s National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs).
My guest is Dr. Terry Oda, a security researcher at Intel and the lead maintainer of CVE Binary Tool, and co-host Chris Norman, Intel Open Source Evangelist joins us to explore the inner workings of the project and discuss contribution, community and the importance of developer-focused initiatives like Google Summer of Code.
Terri Oda has a PhD in horribleness, assuming we can all agree that web security is kind of horrible. She specializes in saying “no” and explaining things in varied roles as an open source security professional, a parent, and the volunteer coordinator of a summer mentoring program for Python. |
Everything open source at Intel. We have a lot to share and a lot to learn. Join us.
Discover the latest technology, products, and services in the world of software development by tuning in to podcasts from Intel and the open source community.