OSS Summit 2023

I had the opportunity to attend the OSS Summit 2023 in Vancouver, BC. Probably the easiest conference I've ever attended, travel-wise, as it was about three hours door-to-door. Contrast that to Red Hat Summit in Boston, which is about 12 hours door-to-door.

The conference was great, I believe there were …


Joplin server on TrueNAS Scale

I'm an avid note taker and have migrated through a series of different tools to take notes, some proprietary and some open source. I've gone through Quiver, Inkdrop, Agenda, and recently I migrated everything to Joplin. But I wanted to be able to sync my notes between devices and I …

OpenSSF spotlight

Recently I had the opportunity to be interviewed as a member of the OpenSSF governing board. In fact, I'm not sure I mentioned this here before... I've been an observer on the board for all of 2022 and at the beginning of 2023 I joined the governing board as a …


Interview: When is it secure enough?

I had the awesome opportunity to interview professor Daniel Gruss and one of his PhD students, Martin Schwarzl, a while back and the article recently was published in the Red Hat Research Quarterly magazine. For those who don't know, Daniel was one of the folks behind the discovery of the …


Risk-based vulnerability management

For much of this year I've been advocating for a risk-based vulnerability management approach, rather than the "industry standard" checkbox-based approach. I've been talking to customers, both directly and at various events (such as Red Hat Summit in Boston, Red Hat Summit Connect in Dallas, directly with customers in Singapore …

Controlling software supply chain security will require new tools, automation and vigilance

Recently I had the opportunity to join a few other Red Hatters to talk about software supply chains with SiliconAngle. They did a writeup "Controlling software supply chain security will require new tools, automation and vigilance" that was great and included the full series of videos.

The interview I did …
