Security Archives - Software Engineering Daily

Blocking Ransomware Attacks with Anthony Cusimano

Ransomware attacks involve the deployment of malware that blocks access to a user’s or organization’s computer files by encrypting them. The attackers then demand a ransom payment in exchange for the decryption key that will restore access to the files. These attacks are often directed at governments and corporations, and can be costly. Veeam is a data storage system that was designed specifically to provide protection against ransomware attacks. Object First is a system that works with Veeam to increase its safety and security. Anthony Cusimano is the Director of Technical Marketing at Object First and he joins the podcast to talk about the growing sophistication of ransomware attacks and the emerging technologies to block them. This episode is hosted by Lee Atchison. Lee Atchison is a software architect, author, and thought leader on cloud computing and application modernization. His best-selling book, Architecting for Scale (O’Reilly Media), is an essential resource for technical teams looking to maintain high availability and manage risk in their cloud environments. Lee is the host of his podcast, Modern Digital Business, an engaging and informative podcast produced for people looking to build and grow their digital business with the help of modern applications and processes developed for today’s fast-moving business environment. Listen at mdb.fm. Follow Lee at softwarearchitectureinsights.com, and see all his content at leeatchison.com. Please click here to see the transcript of this episode. Sponsorship inquiries:sponsor@softwareengineeringdaily.com The post Blocking Ransomware Attacks with Anthony Cusimano appeared first on Software Engineering Daily.

Software Supply Chain Security with Michael Lieberman

One of the most famous software exploits in recent years was the SolarWinds attack in 2020. In this attack, Russian hackers inserted malicious code into the SolarWinds Orion system, allowing them to infiltrate the systems of numerous corporations and government agencies, including the U.S. executive branch, military, and intelligence services. This was an example of a software supply chain attack, which exploits interdependencies within software ecosystems. Software supply chain security is a growing issue, and is particularly important for companies that rely on large numbers of open source dependencies. Michael Lieberman is the Co-Founder and CTO of Kusari and has an extensive background in software security from his time at Citi Bank, MUFG and Bridgewater. He’s also active in the open source and security communities, including the Open Source Security Foundation and Cloud Native Computing Foundation. Michael joins the show today to talk about challenges and strategies in software supply chain security. Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk. Please click here for the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post Software Supply Chain Security with Michael Lieberman appeared first on Software Engineering Daily.

KubeCon Special: Sigstore with Santiago Torres-Arias

This episode of Software Engineering Daily is part of our on-site coverage of KubeCon 2023, which took place from November 6th through 9th in Chicago. In today’s interview, host Jordi Mon Companys speaks with Santiago Torres-Arias who is a contributor to Sigstore, which is a system to register software supply chain actors using federated identity management. Jordi Mon Companys is a product manager and marketer that specializes in software delivery, developer experience, cloud native and open source. He has developed his career at companies like GitLab, Weaveworks, Harness and other platform and devtool providers. His interests range from software supply chain security to open source innovation. You can reach out to him on Twitter at @jordimonpmm Please click here to see the transcript for this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post KubeCon Special: Sigstore with Santiago Torres-Arias appeared first on Software Engineering Daily.

The Future of HTTP with Nick Shadrin and Roman Arutyunyan

The Hypertext Transfer Protocol, or HTTP, is used to load webpages using hypertext links, and it’s the foundation of the web. Tim Berners-Lee famously created HTTP version 0.9 in 1989, and defined the essential behavior of a client and a server. Version 1.0 was eventually finalized in 1996, and its secure variant called HTTPS is now used on more than 80% of websites. HTTP continues to undergo intense development and version 3 in now being actively adopted across the tech industry. Nick Shadrin is a Software Architect at NGINX, and Roman Arutyunyan is a Principal Software Engineer at NGINX. Nick and Roman are experts in HTTP and they join the show today to tell the history of its evolution since 1989, and how NGINX is implementing support for HTTP/3. Mike Bifulco is CTO and co-founder of Craftwork. He’s also a developer advocate, writer, podcaster and serial startup founder. In past lives, Mike worked for Google, Stripe, Microsoft, and Gymnasium. Mike is also co-founder of APIs You Won’t Hate, a community for API Developers on the web. Mike’s publishes a weekly newsletter for product builders called Tiny Improvements at mikebifulco.com. Mike is on Mastodon at https://hachyderm.io/@irreverentmike Please click here to view this show’s transcript. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post The Future of HTTP with Nick Shadrin and Roman Arutyunyan appeared first on Software Engineering Daily.

Minimum Viable Security for Cloud Apps with David Melamed

Cloud applications continue to grow in popularity, but ensuring the security of these applications often presents a formidable engineering challenge. This challenge motivated the creation of Jit. Jit is a continuous security platform for developers, and seeks to enable every cloud app to start with minimum viable security, or MVS, without slowing development velocity. David Melamed is the Co-founder and CTO of Jit and he joins us in the episode to talk about his platform. Jeff is a DevSecOps engineer with  experience in security, the software development life cycle, and cloud technologies. His advanced expertise in HashiCorp technologies places him as one of the most sought after trainers in the Europe, Middle East, and Africa regions and beyond. Jeff has worked for a range of different companies – from small startups to some of the biggest financial institutions. He now successfully runs his own consultancy that provides services in DevSecOps, Cloud and Security. You can find Jeff at hemmen.lu. Sponsorship inquiries: sponsor@softwareengineeringdaily.com Please click here to view this show’s transcript. The post Minimum Viable Security for Cloud Apps with David Melamed appeared first on Software Engineering Daily.