2022: A Retrospective


Well, here we are at the end of 2022 and frankly, I'm hoping 2023 will be better. Is it just me or do things seem to continue getting worse? The economic uncertainty, war, inept governments, broken medical systems, intolerance across the board, and everyone seeming angry about everything... this year …


... And a pelican in a pear tree


For a number of years, since getting more and more into management, I've had less time to do any real programming. So a highlight of the year, for the first few years at least, was to take time during the Christmas break to do some work, mostly on this blog …



Interview: When is it secure enough?


I had the awesome opportunity to interview professor Daniel Gruss and one of his PhD students, Martin Schwarzl, a while back and the article was recently published in the Red Hat Research Quarterly magazine. For those who don't know, Daniel was one of the folks behind the discovery of the …



Risk-based vulnerability management


For much of this year I've been advocating for a risk-based vulnerability management approach, rather than the "industry standard" checkbox-based approach. I've been talking to customers, both directly and at various events (such as Red Hat Summit in Boston, Red Hat Summit Connect in Dallas, directly with customers in Singapore …


Controlling software supply chain security will require new tools, automation and vigilance


Recently I had the opportunity to join a few other Red Hatters to talk about software supply chains with SiliconAngle. They did a writeup "Controlling software supply chain security will require new tools, automation and vigilance" that was great and included the full series of videos.

The interview I did …


Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk


Published on the Red Hat blog, noting here that Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk was posted yesterday. It's an article that talks about supply chain risk and associated costs -- after all, no software is truly "free" (which is why we prefer the …


2021: A Retrospective


I think, like many people, I did not expect to be writing this at the end of 2021 and still be in the COVID-19 pandemic. Simply to get it out of the way because COVID certainly wasn’t the most exciting thing this year, the entire family got COVID in …
