More Open Source Security episodes
Published 2 Feb 2026
Duration: 35:32
Emergency management and business continuity planning are critical for organizations to proactively identify and prepare for potential disruptions.
Josh talks to David Bernstein about the world of crisis management and business continuity. David is a certified emergency manager and tell us about p...
The podcast focuses on the critical role of emergency management and business continuity planning in ensuring organizational resilience against both major and minor disruptions. It underscores the complexity of modern systems by using a hospital as an example, illustrating how a single technology failure can lead to widespread operational challenges. The discussion emphasizes the value of scenario-based planning, including creative examples like "zombie plans," to prepare for a range of potential crises.
The conversation highlights the importance of crisis management strategies, the need for emergency managers to coordinate diverse perspectives, and the role of tabletop exercises in identifying weaknesses in preparedness plans. It also addresses human factors, such as stress and communication, as key elements of effective incident response, stressing the importance of practicing proper procedures to prevent the reinforcement of poor habits. The content further explores the distinctions between departmental and organization-wide planning, the necessity of infrastructure readiness, and the risks of over-relying on technology without adequate backup systems.
30 Mar 2026 Open Source Security at scale with Michael Wisner
The Alpha Omega Project addresses open-source security by targeting leverage points like Node.js and Python ecosystems, advocating for systemic solutions, dedicated security roles, sustainable funding, and registry infrastructure improvements to counter fragmented practices and downstream risks.
23 Mar 2026 2026 State of the Software Supply Chain with Brian Fox
The State of the Software Supply Chain Report underscores explosive open source growth (10T annual downloads) paired with critical challenges like malware proliferation (1.2M malicious packages), unresolved vulnerabilities (65% unaddressed), infrastructure strain, AI's dual role in risk (hallucinations) and potential (MCP systems), and urgent needs for improved tools, policies, and cost management amid regulatory and scalability pressures.
16 Mar 2026 MCP and Agent security with Luke Hinds
The text explores AI agent security risks like prompt injection and open-source vulnerabilities, emphasizing the No-NO project's kernel-based sandboxing with a deny-by-default model, hardware enclaves, and Rust-driven efficiency, alongside layered defenses, restricted commands, and collaborative efforts to tackle evolving threats like social engineering and insecure coding practices.
9 Mar 2026 The State of OpenSSL for pyca/cryptography with Alex Gaynor and Paul Kehrer
OpenSSL 3.0 is criticized for increased complexity, performance issues, and insufficient progress in testing and memory safety, sparking debate over its adoption and the need for alternative cryptographic libraries.
2 Mar 2026 Rust coreutils with Sylvestre Ledru
A modern rewrite of Unix command-line tools using Rust aims for memory safety, performance, and maintainability while achieving high compatibility.