The ActiveState Podcast
Explore the critical aspects of software security with the ActiveState Podcast Series, focusing on mitigating supply chain attacks and navigating open source management in fintech. Discover strategies for balancing rapid development with robust security measures, leveraging AI, and understanding the Python ecosystem, empowering tech professionals to enhance enterprise security and innovation.
Episodes
Monday Jul 15, 2024
Episode 6, The Wall Street FinTech Perspective of Open Source
In Episode 6 of the ActiveState Podcast Series, "The Wall Street FinTech Perspective of Open Source," hosts Darya Niknamian and Pablo Bleck discuss the challenges and advantages of using open source software in the financial industry. Listeners will gain insights into managing open source dependencies securely, the importance of maintaining brand trust, and how financial institutions can navigate the complexities of open source to innovate quickly while staying compliant with regulations. Discover strategies for balancing security with speed and efficiency in the fintech world.
00:00 Introduction to the Active State Podcast
00:11 Meet the Hosts: Insights from Fintech Veterans
00:59 The Challenges of Managing Open Source in Fintech
01:28 The Importance of Trust and Security in Financial Industries
03:50 The Pros and Cons of Open Source in Fintech
06:45 Navigating the Complexities of Open Source Dependencies
08:28 Security Practices and Challenges in Fintech
13:21 ActiveState's Approach to Software Supply Chain Security
19:49 The Future of Security in Fintech and Closing Thoughts
Monday Jul 08, 2024
Episode 5, Cybersecurity: Safeguarding the Open Source Ecosystem
In episode five of the ActiveState series, cybersecurity experts Nicole Schwartz and Dana Crane discuss essential strategies for protecting the open source ecosystem. They delve into the growing threat of supply chain attacks, the importance of understanding the origins of open source components, and effective ways to mitigate these risks. Learn about the role of AI in security, the necessity of timely patching, and the benefits of outsourcing open source management to enhance productivity and security. Discover how collective responsibility can foster a more secure and efficient open source community.
Keywords: cybersecurity, open source, supply chain attacks, AI in security, patching vulnerabilities, open source management, enterprise security, Nicole Schwartz, Dana Crane.
Monday Jul 01, 2024
Episode 4, Everything Python - Trusted Publishers & Authors
Welcome to Episode Four of the ActiveState Podcast Series, diving deep into everything Python with our trusted publishers and authors. Join host Pete Garcin, director of product at ActiveState, along with software engineer and Python specialist Jeremy Page, as they unravel the latest in the Python ecosystem and explore the advancements in trusted publishing initiatives. Uncover the importance of trusted entities like ActiveState in securing your packages without the hassle of passwords. Pete and Jeremy shed light on the significance of organizations, short-lived tokens and the evolution of trusted publishing that is revolutionizing the Python community. Whether you're a seasoned Python developer or just stepping into the world of coding, this episode is packed with technical expertise and valuable insights that will elevate your Python experience.
00:00 Introduction to Episode Four
00:28 Understanding Trusted Publishing
02:04 Security Benefits of Trusted Publishing
03:34 Workflow Improvements with Trusted Publishing
04:36 Provenance and Supply Chain Security
11:08 Short-Lived Tokens and Security
12:51 Origins of Trusted Publishing
14:02 Building and Testing Python Packages
17:26 ActiveState Platform for Python Authors
18:13 Conclusion and Next Steps
Monday Jun 24, 2024
In "The Sweet Spot: Balancing Security and Development Speed," Episode 3 of The ActiveState Podcast, hosts Nicole Schwartz and Martin Drohmann dive into the challenges of managing security vulnerabilities while meeting development deadlines. They share practical tips for integrating security practices into your workflow and discuss how ActiveState's tools can help you avoid dependency hell and securely manage open-source projects. Tune in for an engaging conversation on finding the optimal balance between security and development efficiency.
00:00 Introduction to the Podcast and Active State
00:23 Balancing Security and Development Speed: A Friendly Argument
01:33 The Developer's Perspective on Security and Prioritization
03:38 The Security Perspective: Prioritizing Vulnerabilities
05:05 Tooling and Techniques to Manage Security in Development
07:35 The Challenge of Dependency Management in Open Source
10:22 Active State's Solutions for Dependency Management and Security
11:20 The Importance of Frequent Updates and Best Practices
18:19 Concluding Thoughts on Security, Dependency Management, and Active State
Monday Jun 17, 2024
Episode 2, Tech Debt or Security? What makes you migrate?
In Episode 2 of the ActiveState Podcast Series, "Tech Debt or Security? What Makes You Migrate?" hosts Shane Warden, director of engineering, and Evan Smith, director of product, discuss the crucial decision between managing technical debt and addressing security issues. They explore how the definitions of tech debt and security have evolved, the trade-offs between rapid delivery and system stability, and the key indicators for when to migrate or upgrade systems. Listeners will gain insights into the impacts of tech debt on performance, the unpredictability of security threats, and practical strategies for proactive system maintenance. This episode provides valuable guidance for engineering and product management professionals looking to enhance their decision-making frameworks.
00:00 Introduction and Hosts Introduction
00:28 Defining Tech Debt and Security
02:13 The Evolution of Tech Debt
04:32 Customer Perception and Impact
05:33 When to Address Tech Debt
07:45 Balancing Tech Debt and Security
12:06 Proactive vs. Reactive Approaches
15:51 Strategies for Staying Up-to-Date
20:08 Conclusion and Final Thoughts
Monday Jun 10, 2024
Episode 1, The Rise of Software Supply Chain Attacks
In this premiere episode of the ActiveState Podcast, hosts Pete Garcin and Dana Crane delve into the alarming increase in software supply chain attacks. They pinpoint vulnerabilities in open source software, and discuss various types of attacks like typosquatting and malware. Highlighting incidents such as SolarWinds and Log4j, the hosts shed light on the implications and sophistication of these threats. The episode underscores the need for strong security measures and offers a preview of future topics on safeguarding your software supply chain.
00:00 Episode 1: The Rise of Software Supply Chain Attacks - Introduction
00:25 Understanding ActiveState's Role in Software Security
00:52 Defining the Software Supply Chain
02:49 The Vulnerability of Open Source Supply Chains
03:57 The Impact of Software Supply Chain Attacks
10:22 The Evolution of Software Supply Chain Management
13:27 Outsourcing Supply Chain Management for Better Security
16:57 The Growing Threat of Software Supply Chain Attacks
19:24 Conclusion and Invitation to Learn More