In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint working at Apple’s Genius bar, to the information security space – first at product security at Apple and now at GitHub, a massive development platform that is increasingly in the crosshairs of sophisticated cyber criminals and nation-state actors.
Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass
Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”
Spotlight: Automation Beckons as DevOps, IoT Drive PKI Explosion
Brian Trzupek of DigiCert joins Paul to talk about the findings of a recent State of PKI Automation survey and the challenges of managing fast-growing population of tens of thousands of PKI certificates.
Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security
In this episode of the podcast
(#216) we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the firm SolarWinds.
What SolarWinds Tells Us About Securing the Software Development Supply Chain
The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought leadership article.