The ActiveState Podcast
Explore the critical aspects of software security with the ActiveState Podcast Series, focusing on mitigating supply chain attacks and navigating open source management in fintech. Discover strategies for balancing rapid development with robust security measures, leveraging AI, and understanding the Python ecosystem, empowering tech professionals to enhance enterprise security and innovation.
Episodes
![Episode 3, The Software Sweet Spot - Balancing Security and Development Speed](https://pbcdn1.podbean.com/imglogo/ep-logo/pbblog18851828/COVER_ART_THREE_-_Bonnie_Schneider_-_2_1__2fjvxc_300x300.png)
7 days ago
In "The Sweet Spot: Balancing Security and Development Speed," Episode 3 of The ActiveState Podcast, hosts Nicole Schwartz and Martin Drohmann dive into the challenges of managing security vulnerabilities while meeting development deadlines. They share practical tips for integrating security practices into your workflow and discuss how ActiveState's tools can help you avoid dependency hell and securely manage open-source projects. Tune in for an engaging conversation on finding the optimal balance between security and development efficiency.

- 00:00 Introduction to the Podcast and Active State
- 00:23 Balancing Security and Development Speed: A Friendly Argument
- 01:33 The Developer's Perspective on Security and Prioritization
- 03:38 The Security Perspective: Prioritizing Vulnerabilities
- 05:05 Tooling and Techniques to Manage Security in Development
- 07:35 The Challenge of Dependency Management in Open Source
- 10:22 Active State's Solutions for Dependency Management and Security
- 11:20 The Importance of Frequent Updates and Best Practices
- 18:19 Concluding Thoughts on Security, Dependency Management, and Active State
![Episode 2, Tech Debt or Security? What makes you migrate?](https://pbcdn1.podbean.com/imglogo/ep-logo/pbblog18851828/the_active_state_podcast_-COVER_ART_Shane_-3_1__i7subn_300x300.png)
Monday Jun 17, 2024
Episode 2, Tech Debt or Security? What makes you migrate?
In episode 2 of the ActiveState podcast series, "Tech Debt or Security? What Makes You Migrate?", hosts Shane Warden, director of engineering, and Evan Smith, director of product, discuss the crucial decision between managing technical debt and addressing security issues. They explore how the definitions of tech debt and security have evolved, the trade-offs between rapid delivery and system stability, and the key indicators for when to migrate or upgrade systems. Listeners will gain insights into the impacts of tech debt on performance, the unpredictability of security threats, and practical strategies for proactive system maintenance. This episode provides valuable guidance for engineering and product management professionals looking to enhance their decision-making frameworks.

- 00:00 Introduction and Hosts Introduction
- 00:28 Defining Tech Debt and Security
- 02:13 The Evolution of Tech Debt
- 04:32 Customer Perception and Impact
- 05:33 When to Address Tech Debt
- 07:45 Balancing Tech Debt and Security
- 12:06 Proactive vs. Reactive Approaches
- 15:51 Strategies for Staying Up-to-Date
- 20:08 Conclusion and Final Thoughts
![Episode 1, The Rise of Software Supply Chain Attacks](https://pbcdn1.podbean.com/imglogo/ep-logo/pbblog18851828/Cover_Art_Ep_One6ooh9_300x300.png)
Monday Jun 10, 2024
Episode 1, The Rise of Software Supply Chain Attacks
In this premiere episode of the ActiveState Podcast, hosts Pete Garcin and Dana Crane delve into the alarming increase in software supply chain attacks. They pinpoint vulnerabilities in open source software, and discuss various types of attacks like typosquatting and malware. Highlighting incidents such as SolarWinds and Log4j, the hosts shed light on the implications and sophistication of these threats. The episode underscores the need for strong security measures and offers a preview of future topics on safeguarding your software supply chain.

- 00:00 Episode 1: The Rise of Software Supply Chain Attacks - Introduction
- 00:25 Understanding ActiveState's Role in Software Security
- 00:52 Defining the Software Supply Chain
- 02:49 The Vulnerability of Open Source Supply Chains
- 03:57 The Impact of Software Supply Chain Attacks
- 10:22 The Evolution of Software Supply Chain Management
- 13:27 Outsourcing Supply Chain Management for Better Security
- 16:57 The Growing Threat of Software Supply Chain Attacks
- 19:24 Conclusion and Invitation to Learn More