Shows
Daily Security ReviewChainguard’s $3.5 Billion Valuation Signals Massive Investor Confidence in Secure-by-Default SoftwareChainguard, the Kirkland, Washington-based cybersecurity company, has announced a landmark $280 million growth funding round led by General Catalyst’s Customer Value Fund (CVF), pushing its total capital raised to nearly $900 million and valuing the firm at $3.5 billion. This new round marks a pivotal phase for Chainguard as it shifts from product-focused development to large-scale go-to-market execution, all while maintaining an ironclad focus on product innovation and security.Founded on the mission to secure the open source software supply chain, Chainguard provides over 1,700 secure-by-default container images, curated language libraries, and purpose-built VM images designed to eliminate known vulnerabilities be...
2025-10-2824 min
RadioCSIRT : Edition FrançaiseRadioCSIRT — Votre actu cybersécurité du mardi 28 octobre 2025 (Ép.468)Bienvenue dans votre bulletin cybersécurité du jour ⚡️💰 Chainguard — Financement de 280 millions de dollarsChainguard a levé 280 millions de dollars auprès de General Catalyst pour accélérer la diffusion d’un open source sécurisé et vérifiable.L’entreprise dépasse désormais 892 millions de dollars de financement total et revendique plus de 1 700 images “zero-CVE” dans son catalogue.🐧 Xen — CVE-2025-58149Une vulnérabilité dans l’hyperviseur Xen, référencée CVE-2025-58149, permet une atteinte à la confidentialité des données et un contournement de la politique de sécurité.Les versions 4.18.x à 4.20.x a...
2025-10-2811 min
LINUX Unplugged635: The Texas Linux Fest SpecialOur cross-continent race to Texas Linux Fest culminates into fantastic meat, meetups, and more.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.
1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility.
Support LINUX UnpluggedLinks:🤠 Texas Lin...
2025-10-061h 30
All Jupiter Broadcasting ShowsThe Texas Linux Fest Special | LINUX Unplugged 635Our cross-continent race to Texas Linux Fest culminates into fantastic meat, meetups, and more.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.
1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility.
Support LINUX UnpluggedLinks:🤠 Tex...
2025-10-0500 min
What the Dev?328: What you should know about Shai-Hulud and its impact on npm (with Chainguard's Dan Lorenc)In this episode, Jenna interviews Dan Lorenc, CEO of Chainguard, about the Shai-Hulud worm that has made its way through the npm ecosystem.They discuss:What Shai-Hulud is and why it's so badSecurity measures GitHub plans to implement in npm Best practices to follow to mitigate risk
2025-09-3010 min
The Cyber Go-To-Market podcast for cybersecurity sales and marketing teams. Save Cybr Donut!From 8 to 500: Scaling Hypergrowth in Cybersecurity GTM – Ryan Carlson, President of GTM, ChainguardSend me a text (I will personally respond)Are you wrestling with how to scale your sales team without losing focus on what truly matters? Do you wonder how to maintain a customer-centric approach as your company experiences hypergrowth? Or maybe you’re trying to figure out the right time and way to segment your go-to-market organization. This episode offers deep, practical insights on these pressing challenges, straight from one of cybersecurity’s fastest-growing companies.In this conversation, we discuss: 👉 Chainguard’s unique approach to building scalable, segmented go-to-market teams early and the ri...
2025-09-0242 min
SourceForge PodcastSecure Your Containers Effectively: ChainguardChainguard delivers the world’s most secure open source software with over 1,500 continuously rebuilt, minimal, and malware-resistant container images designed to eliminate vulnerabilities and reduce attack surfaces. By uniting engineering and security priorities, Chainguard frees developers from patching toil, simplifies compliance, and accelerates innovation to get products to market faster with confidence.In this episode, we speak with Kim Lewandowski, Chief Product Officer and Co-Founder of Chainguard. The discussion centers around Chainguard’s innovative approach to software supply chain security, focusing on reducing vulnerabilities in open source and cloud-native software. Kim shares insights into the company’s foundi...
2025-08-2024 min
Kubernetes for Humans#047 - Securing the Software Supply Chain and Kubernetes with Dustin Kirkland (Chainguard)Meet Dustin Kirkland, VP of Engineering at Chainguard. Dustin shares his fascinating 26-year journey in the tech industry, from IBM and two stints at Canonical to roles at Google (working on GKE), Apex, and Goldman Sachs, eventually leading him back to engineering at Chainguard.
Discover how Chainguard is helping secure the software supply chain, focusing on building secure containers primarily for Kubernetes. Learn about the critical problem of software vulnerabilities (CVEs) and how Chainguard's products, including their hardened container images with a zero CVE goal and accelerated patching SLAs, address this challenge.
Dustin also introduces...
2025-08-0633 min
The Tech TrekHow to Secure the Software Supply ChainIn this episode of The Tech Trek, Amir sits down with Matt Moore, CTO and co-founder of Chainguard, to explore the escalating importance of software supply chain security. From Chainguard’s origin story at Google to the systemic risks enterprises face when consuming open source, Matt shares the lessons, best practices, and technical innovations that help make open source software safer and more reliable. The conversation also touches on AI’s impact on the attack surface, mitigating threats with engineering rigor, and why avoiding long-lived credentials could be your best defense.🔑 Key Takeaways:Secur...
2025-06-1736 min
GeekWireAI teammates, a fully remote unicorn, and the new world of workOn this week’s GeekWire Podcast: Microsoft sees a future where humans manage fleets of AI agents — promising to fundamentally change the way companies are run and work gets done. Plus, we dive into the story of Chainguard, the $3.5 billion cybersecurity startup proving that a fully remote company can scale fast without a physical office. And we explore how AI is reshaping everyday life, from travel planning to home repairs. Related stories Meet your new AI teammate: Microsoft sees humans as ‘agent bosses,’ upending the workplace: Microsoft’s 2025 Work Trend Index envisions a future where employees m...
2025-04-2627 min
TBPNKarri Saarinen, Sean Frank, Semil Shah, Dan Lorenc, Google's Earnings Power Holding Up Well, Intel Says Layoffs are in Store, The Relationship Between Netflix and The NFL, Elon's Friends Sell Access to Stakes in Private CompaniesKarri Saarinen is the co-founder and CEO of Linear, a popular issue tracking and project management tool. Previously, he was a design lead at Airbnb, focusing on design systems and product development. @karrisaarinenSean Frank is the CEO of Ridge, best known for the Ridge Wallet and expanding the brand into a broader EDC (everyday carry) company. He has a background in e-commerce and performance marketing. @SeanEcomSemil Shah is the founder of Haystack, a venture capital firm that has backed companies like DoorDash and Instacart early on. He is a seasoned investor...
2025-04-252h 46
Cyber BriefingApril 24, 2025 - Cyber Briefing👉 What's going on in the cyber world today? 🚨 #CyberAlertsGitLab Urges Immediate Updates as XSS and Account Takeover Bugs Threaten UsersSource: GitLabGoogle Forms Used in Surge of Phishing Attacks Targeting User CredentialsSource: Phil Muncaster via ESETSonicWall Urges Patch for Critical Vulnerability in SSLVPN Affecting Remote FirewallsSource:SonicWallRussian Hackers Use Social Engineering to Access Microsoft 365 AccountsSource: Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster via VolexityFireE...
2025-04-2410 min
The Peel with Turner NovakLessons Going Zero to $40M ARR in Two Years | Dan Lorenc, ChainguardDan Lorenc is the Co-founder and CEO of Chainguard, the safe source for open source.The internet runs on free, open source software. But as its risen in popularity, its become the latest attack point targeted by hackers and nation states.This conversation with Dan gets into the history of open source software, cloud computing, Linux, the software supply chain, how AI will impact it, and what the next big cyber attack will look like.Dan is an engineer, but he also loves sales...
2025-04-241h 14
GREY Journal Daily News PodcastChainguard's rapid rise to a multi-billion dollar valuation raises questions about software securityChainguard, a software supply chain security startup, secured $356 million in a Series D funding round, achieving a valuation of $3.5 billion. The funding was co-led by Kleiner Perkins and IVP, with new investors including Salesforce Ventures and Datadog Ventures. The valuation reflects a threefold increase from the previous valuation of $1.12 billion after a $140 million Series C round. Chainguard focuses on secure software development tools, particularly for open-source software, and reported an annual recurring revenue of $40 million, aiming to exceed $100 million by fiscal year 2026. The company has raised a total of $612 million since its founding in 2021. Cybersecurity investment remains strong, with...
2025-04-2302 min
The New Stack PodcastContainer Security and AI: A Talk with Chainguard's FounderIn this episode of The New Stack Makers, recorded at KubeCon + CloudNativeCon Europe, Alex Williams speaks with Ville Aikas, Chainguard founder and early Kubernetes contributor. They reflect on the evolution of container security, particularly how early assumptions—like trusting that users would validate container images—proved problematic. Aikas recalls the lack of secure defaults, such as allowing containers to run as root, stemming from the team’s internal Google perspective, which led to unrealistic expectations about external security practices.The Kubernetes community has since made strides with governance policies, secure defaults, and standard practices like avoiding long-lived credent...
2025-04-2220 min
The Cloud Native AttitudeEpisode 3: Docker Did to Apt what Apt did to TarIn the third episode of The Cloud Native Attitude Jamie and Ian are joined by Adrian Mouat (author of Container Security and part of the team at Chainguard) for a deep dive into containers, security, and the hidden complexity of modern software supply chains.They get into why containers really took off (spoiler: it's not just about microservices), and how eliminating build variability can make or break a team’s ability to scale. Adrian shares what his team at Chainguard is doing to rethink container security from the ground up, plus some of the surprising ways vulnerabilities can...
2025-03-2135 min
Safe Mode PodcastChainguard’s Dan Lorenc on the next decade of software supply chain securityIn this episode, Greg Otto talks with Dan Lorenc, CEO and co-founder of Chainguard. They explore the challenges organizations face with CVE management, where dealing with vulnerabilities often drains valuable engineering resources. They also discuss how new visualization tools are redefining this landscape by offering clear insights into CVE trends, empowering teams to make informed decisions and optimize both security and efficiency in their software development processes.
In our reporter chat, Greg talks with Matt Kapko about the United States’ indictment of China-linked hackers.
2025-03-0628 min
Gitbar - Italian developer podcastEp.215 - Distrobox con Luca di Maio (Chainguard)In questo episodio di GitBar, i conduttori discutono di Distrobox, un innovativo strumento per gestire container, e del lavoro in ChainGuard, un'azienda focalizzata sulla sicurezza delle immagini Docker. Viene approfondito il concetto di S-BOM (Software Bill of Materials) e la sua importanza nella sicurezza del software. Inoltre, si esplora la mancanza di una convergenza nei sistemi operativi simile a quella di Kubernetes, evidenziando le differenze di investimento e supporto tra i due ambiti. La conversazione esplora l'evoluzione delle distribuzioni Linux, evidenziando le differenze tra di esse e l'importanza delle scelte fatte dagli utenti. Si discute dell'esperienza utente, delle preferenze per...
2025-02-271h 49
Nerding Out With ViktorDustin Kirkland on Chainguard, Zero-CVE Containers, and Supply Chain SecurityIn this episode of Nerding Out with Viktor, host Viktor Petersson sits down with Dustin Kirkland from Chainguard for an illuminating discussion on modern supply chain security and container hardening. Drawing from his rich experience across tech giants like IBM, Red Hat, Canonical, and Google, Dustin shares invaluable insights into the evolution of container security and the critical importance of maintaining secure infrastructure.
The conversation delves deep into Chainguard's innovative approach to building minimal, hardened container images directly from source code. Dustin explains their groundbreaking Zero-CVE initiative, demonstrating how continuous rolling updates and careful dependency management can dramatically...
2025-02-1459 minNerding Out With Viktor (audio only)Dustin Kirkland on Chainguard, Zero-CVE Containers, and Supply Chain SecurityIn this episode of Nerding Out with Viktor, host Viktor Petersson sits down with Dustin Kirkland from Chainguard for an illuminating discussion on modern supply chain security and container hardening. Drawing from his rich experience across tech giants like IBM, Red Hat, Canonical, and Google, Dustin shares invaluable insights into the evolution of container security and the critical importance of maintaining secure infrastructure.
The conversation delves deep into Chainguard's innovative approach to building minimal, hardened container images directly from source code. Dustin explains their groundbreaking Zero-CVE initiative, demonstrating how continuous rolling updates and careful dependency management can dramatically...
2025-02-1459 min
Cloud Native CompassFrom Kubernetes to Cloud Run: Chainguard's JourneyExploring Cloud Migrations & Infrastructure Strategies with Jason Hall of ChainguardClick here to watch a video of this episode.
In this episode of the Cloud Native Compass podcast, hosts David Flanagan and Laura Santamaria chat with Jason Hall, Principal Engineer at Chainguard. They delve into Chainguard's migration from Kubernetes and Knative to Cloud Run, discussing the reasons behind the move, cost considerations, managing technical debt, and best practices for infrastructure management. The conversation also covers the benefits of using Cloud Run, their strategic use of BigQuery for event logging, and insights into least access security...
2025-01-1656 min
Build ModeWhat the Chainsmokers bring to the cap table with Dan Lorenc from ChainguardThis week we’re taking you backstage at TechCrunch Disrupt. Becca Szkutak had the chance to talk with Dan Lorenc, the CEO and co-founder of cybersecurity startup Chainguard following their conversation on stage with prominent investors, The Chainsmokers. They discuss how the EDM duo's venture fund MANTIS went from being viewed skeptically by traditional VCs to becoming a highly sought-after investment partner in the B2B space, how Lorenc scaled the company in a difficult time for cybersecurity, and what value celebrity investors can add to a startup.Check out the full onstage conversation here.00:00...
2024-11-0518 min
Limitless Possibility238: For Big Nerds OnlyYanik brings not one, but three topics to the table this week in a Linux grab bag episode.Related LinksEasy CI runner provisioning with Fedora coreOSFedora coreOSBitbucket Support: Set up runners for Linux DockerHN comment thread on disabling SELinuxLinux on the smartphone with postmarketOSpostmarketOSSupported devices and their compatibility matricespostmarketOS Wiki: Motorola Moto G4 Play (motorola-harpia)The Pixel 3a camera tootMore reliable container SBOMs with WolfiChainguard Academy: Wolfi OverviewGitHub/chainguard-dev: melangeGitHub/chainguard-dev: apko
2024-10-211h 04
A Product Market Fit Show | Startup Podcast for FoundersHe quit Google with no startup idea, raised $50M from Sequoia with no revenue— & grew to 8 figures in ARR. | Dan Lorenc, Founder of ChainguardThis episode is going to piss you off. Most founders struggle to raise their first few million. Many have to bootstrap for years. Even once there's revenue, many get rejected because they're "too early". Dan had dozens of VCs asking to invest before he even quit his job. He raised his first $5M with no deck, no story, and no product idea. All it took was two founders who wanted to build something in the security space. To add fuel to the fire, 6 months after he incorporated, he raised a $50M round from Sequoia... with no revenue!
2024-10-1131 min
The Modern .NET ShowChainguard and Securing Your Containers with Adrian MouatRJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by RJJ Software's Podcasting Services, whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "Okay. So I'll come on to that point is that's obviously something i'd like to talk about. But a couple of things I should mention, I guess. That I think you're absolutely right with all the points you raised, but we are trying to work on on everything there. So a...
2024-10-111h 05
Software Engineering DailyContainer Security with Matt MooreSoftware supply chain attacks exploit interdependencies within software ecosystems. Security in the supply chain is a growing issue, and is particularly important for companies that rely on large numbers of open source dependencies.Chainguard was founded in 2021 and offers tools and secure container images to improve the security of the software supply chain.Matt Moore is the Founder and CTO of Chainguard. He started his career in compiler optimization at Microsoft and worked at Google before starting Chainguard. He joins the show with Gregor Vand to talk about container security.Gregor Vand is...
2024-09-2659 min
The Lawfare Podcast: Patreon EditionLawfare Daily: Securing Open Source Software, with John Speed Meyers and Paul GibertLawfare Fellow in Technology Policy and Law Eugenia Lostri sits down with John Speed Meyers, head of Chainguard Labs, and Paul Gibert, a research scientist at Chainguard Labs to talk about the distinct challenges of securing open source software (OSS). They discuss what sorts of harms OSS compromises can lead to, how Log4J opened a political window for action on OSS security, and how the software liability debate affects OSS developers.Meyers and Gibert authored a Lawfare article questioning the conventional wisdom on how software liability could deal with OSS. Get for Ad Free Podcasts
2024-09-0947 min
The Lawfare PodcastLawfare Daily: Securing Open Source Software, with John Speed Meyers and Paul GibertLawfare Fellow in Technology Policy and Law Eugenia Lostri sits down with John Speed Meyers, head of Chainguard Labs, and Paul Gibert, a research scientist at Chainguard Labs to talk about the distinct challenges of securing open source software (OSS). They discuss what sorts of harms OSS compromises can lead to, how Log4J opened a political window for action on OSS security, and how the software liability debate affects OSS developers.Meyers and Gibert authored a Lawfare article questioning the conventional wisdom on how software liability could deal with OSS.To receive ad-free podcasts, bec...
2024-09-0947 min
Cybersecurity BuildersDan Lorenc, CEO & Founder of Chainguard: $250 Million Raised to Power the Future of Software Supply Chain SecurityWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.Here are the most interesting points from our conversation:Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.Industry Recognition Post-SolarWinds: The importance of software supply chain secu...
2024-08-0620 min
The AI Front LinesDeon Nicholas, CEO & Co-Founder of Forethought: $92 Million Raised to Power the Future of Customer Support with AIWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.
Here are the most interesting points from our conversation:
Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.
Industry Recognition Post-SolarWinds: The importance of software supply chain secu...
2024-08-0622 min
BUILDERSDeon Nicholas, CEO & Co-Founder of Forethought: $92 Million Raised to Power the Future of Customer Support with AIWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.
Here are the most interesting points from our conversation:
Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.
Industry Recognition Post-SolarWinds: The importance of software supply chain security became mainstream af...
2024-08-0622 minBUILDERSDeon Nicholas, CEO & Co-Founder of Forethought: $92 Million Raised to Power the Future of Customer Support with AIWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.
Here are the most interesting points from our conversation:
Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.
Industry Recognition Post-SolarWinds: The importance of software supply chain security became mainstream af...
2024-08-0622 min
BUILDERSDan Lorenc, CEO & Founder of Chainguard: $250 Million Raised to Power the Future of Software Supply Chain SecurityWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.
Here are the most interesting points from our conversation:
Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.
Industry Recognition Post-SolarWinds: The importance of software supply chain security became mainstream af...
2024-08-0620 minBUILDERSDan Lorenc, CEO & Founder of Chainguard: $250 Million Raised to Power the Future of Software Supply Chain SecurityWelcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Dan Lorenc, CEO & Founder of Chainguard, a software supply chain security platform that has raised $250 Million in funding.
Here are the most interesting points from our conversation:
Focus on Open Source Security: Chainguard aims to provide a secure source for open source code, addressing the risks associated with the widespread use of open source software in modern applications.
Industry Recognition Post-SolarWinds: The importance of software supply chain security became mainstream af...
2024-08-0620 min
Kubernetes BytesThe business case for cloud-native and KubernetesIn this episode of the Kubernetes Bytes podcast, Bhavin sits down with Danielle Cook - VP of Marketing, appCD and Co-chair, CNCF Cartografos Working Group, CNCF. The discussion dives into how technical individual contributors can and should think about a business case for cloud native adoption. They talk about the cloud native maturity model and also discuss the different things business leaders care about. Check out our website at https://kubernetesbytes.com/ Cloud Native News: https://www.chainguard.dev/unchained/chainguard-series-c https://www.cnbc.com/2024/07/23/google-wiz-deal-dead.html https://www.redhat.com/en/blog/what-you-need-to-know-red-hat-openshift-416 https...
2024-07-2654 min
Stretch Four PodcastThe End of the Day Show: Tech Beefs, Streaming Deals, and Another Security UnicornHey there, tech enthusiasts and startup mavens!Welcome to this week's roundup of "The End of the Day Show". We've got a spicy mix of Silicon Valley drama, sports business, and unicorn births. Let's dive in!1. Silicon Valley Soap Opera: Sacks vs. ConradThe tech world's latest Twitter drama is heating up faster than an overclocked CPU. David Sacks (PayPal mafia, Yammer founder) and Parker Conrad (Zenefits, Rippling founder) are at it again, with Paul Graham joining the fray. It's like a soap opera, but with more stock options and fewer...
2024-07-2617 min
Career Planning and Professional DevelopmentComparative Literature and English at ChainguardLisa Tagliaferri earned her PhD in Comparative Literature at the CUNY Graduate Center. She is now a Senior Director of Developer Enablement at Chainguard. Erin Rose Glass earned her PhD in English at the CUNY Graduate Center. She is now a Product Manager at Chainguard.
The post Comparative Literature and English at Chainguard appeared first on Career Planning and Professional Development.
2024-06-061h 03Alumni AloudComparative Literature and English at ChainguardLisa Tagliaferri earned her PhD in Comparative Literature at the CUNY Graduate Center. She is now a Senior Director of Developer Enablement at Chainguard. Erin Rose Glass earned her PhD in English at the CUNY Graduate Center. She is now a Product Manager at Chainguard.
The post Comparative Literature and English at Chainguard appeared first on Career Planning and Professional Development.
2024-06-061h 03
The Post Cloud PodcastVulnerability Free Container ImagesIn this episode we have our first guest, Adrian Mouat. We chat with Adrian about the evolution of container images, and how we can tackle the seemingly never ending task of vulnerabilities. He talks us through what he's working on at Chainguard, and how developers can get started on their vulnerability free journey!
2024-05-3027 min
Ship It! Cloud, SRE, Platform EngineeringTars all the way downJon “gzip enthusiast” Johnson joins us for a history lesson on compression & how it impacts everything from containers to Alpine.
Join the discussionChangelog++ members get a bonus 8 minutes at the end of this episode and zero ads. Join today!Sponsors:Neon – The fully managed serverless Postgres with a generous free tier. We separate storage and compute to offer autoscaling, branching, and bottomless storage.
Neo4j – Is your code getting dragged down by JOINs and long query times? The problem might be your database…Try simplifying the complex with graphs. Stop asking rel...
2024-05-241h 24
IT Ops QueryChainguard CEO's keys to open source software successHow is open source sustainability similar to the subprime mortgage crisis? And what can an episode of South Park teach us about open product business models?
Dan Lorenc has a uniquely multifaceted view of these and other questions – he worked at Google from 2012 to 2021, began contributing to open source projects in the Kubernetes community in 2016, and along the way, developed the tooling that would become the Sigstore project, which helps to verify the provenance of open source code packages. Sigstore is now governed by the OpenSSF, where Dan is a member of the Technical Advisory Council. He is...
2024-05-0917 min
DevOps and Docker Talk: Cloud Native Interviews and ToolingChainguard: Building Secure Container ImagesBret and Nirmal are joined by Dan Lorenc from Chainguard to walk them through Chainguard's approach to building secure, minimal container images for popular open source software.🙌 My next course is coming soon! I've opened the waitlist for those wanting to go deep in GitHub Actions for DevOps and AI automation in 2025. I'm so thrilled to announce this course. The waitlist allows you to quickly sign up for some content updates, discounts, and more as I finish building the course. https://learn.bretfisher.com/waitlist🍾They discuss why it is important to have secure...
2024-05-0359 min
Decipher Security PodcastDan LorencDan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST's National Vulnerability Database and the CVE ecosystem.
2024-04-0336 minDevOps and Docker Talk: Cloud Native Interviews and ToolingBest of DevOps 2023Bret and Nirmal are joined by Melissa McKay, Developer Advocate at JFrog and Docker Captain, to discuss the best and worst of 2023.🙌 My next course is coming soon! I've opened the waitlist for those wanting to go deep in GitHub Actions for DevOps and AI automation in 2025. I'm so thrilled to announce this course. The waitlist allows you to quickly sign up for some content updates, discounts, and more as I finish building the course. https://learn.bretfisher.com/waitlist🍾We recorded this episode in December of 2023 where we talked through our favorite tools...
2024-02-2352 minChangelog Master FeedBuilding containers without Docker (Ship It! #91)We’re back! Jason Hall joins the show to tell Justin & Autumn all about how Chainguard builds hundreds of containers without a single Dockerfile.
Leave us a comment
Changelog++ members get a bonus 5 minutes at the end of this episode and zero ads. Join today!
Sponsors:
Synadia – Take NATS to the next level via a global, multi-cloud, multi-geo and extensible service, fully managed by Synadia. They take care of all the infrastructure, management, monitoring, and maintenance for you so you can focus on building exceptional distributed applications.
Sentry – Code breaks, fix it faste...
2024-02-1657 minShip It! Cloud, SRE, Platform EngineeringBuilding containers without DockerWe’re back! Jason Hall joins the show to tell Justin & Autumn all about how Chainguard builds hundreds of containers without a single Dockerfile.
Join the discussionChangelog++ members get a bonus 5 minutes at the end of this episode and zero ads. Join today!Sponsors:Synadia – Take NATS to the next level via a global, multi-cloud, multi-geo and extensible service, fully managed by Synadia. They take care of all the infrastructure, management, monitoring, and maintenance for you so you can focus on building exceptional distributed applications.
Sentry – Code breaks, fix it faster...
2024-02-1657 min
The Cyber Security Matters PodcastAddressing the Cyber Security Talent Shortage - Episode 30 - Crystal Poenisch, Director of Product Marketing at ChainguardBuilding an innovative team in the Cyber Security industry can be a challenging task. Join us as we talk to Crystal Poenisch, the Director of Product Marketing at Chainguard, about how startups can overcome the talent shortage in this episode of The Cyber Security Matters Podcast.
During this conversation, we touched on unique hiring strategies, the state of the sector and Crystal’s tips for setting your startup up for success.
The Cyber Security Matters Podcast was created by neuco, a global talent acquisition company that specialises in the space and technology sect...
2024-02-1425 min
GOTO - The Brightest Minds in TechBuilding Secure Container Images with Wolfi • Matt Turner & Adrian MouatThis interview was recorded at GOTO Amsterdam for GOTO Unscripted.gotopia.techRead the full transcription of this interview hereMatt Turner - DevOps Leader & Software Engineer at TetrateAdrian Mouat - Author of 'Using Docker' & Dev Rel at ChainguardRESOURCESgithub.com/wolfi-devMatt@mt165github.com/mt-insidelinkedin.com/in/mt165mt165.co.ukAdrian@adrianmouatgithub.com/amouatlinkedin.com/in/adrianmouatadrianmouat.comDESCRIPTION
2023-12-0112 min
DevOps ParadoxWhat's in Your From Line? a Conversation With Chainguard#239: In this episode, Ville Aikas and Matt Moore from Chainguard join us for a discussion about open-source projects, distroless containers, and software security. They share their stories about the creation and progress of ChainGuard, offering insights into the way the company operates and contributes to the open-source community. They also delve into the value of improving the signal-to-noise ratio of vulnerability scanners and how this can aid in addressing software security problems. They also explain their commitment to the APK format and its advantages, as well as the significance of Wolfi, their '(un)distro...
2023-11-2943 min
Kubernetes Podcast from GoogleKubernetes Pen Testing, with Jesper LarssonJesper Larsson is a Freelance PenTester. Jesper works with a hacker community called Cure53. Co-organizes SecurityFest in Gothenburg, Sweden. Hosts Säkerhetspodcasten or The Security Podcast. Jesper is also a Star on Hackad, a Swedish TV Series about hacking. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29 Introducing SIG etcd etcd, wit...
2023-11-2951 min
Software Defined TalkDustin Kirkland on Securing Open Source SoftwareBrandon interviews Dustin Kirkland, VP of Engineering at Chainguard. They delve into Dustin’s experience as a part-time analyst, explore how Chainguard secures open-source software, and Dustin shares his hiking experience on the Camino de Santiago. Plus, some thoughts on men’s fashion and the timeless three-piece suit.
Show Links
theCUBE
SiliconANGLE
Chainguard: Fortified Software Delivery
Chainguard Raises $61 Million Series B Round as Enterprises Move to Fortify Open Source Software
Battling the Trojan Horse in Open Source
Our Open Source focus: Securing OSS is not optional
Octopus wolfi
Camino de Santiago
My Walk on the Portuguese Cami...
2023-11-2452 min
Three Buddy ProblemDan Lorenc on fixing the 'crappy' CVE ecosystemEpisode sponsors:
Binarly (https://binarly.io)
FwHunt (https://fwhunt.run)
Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding rounds and VC expectations, fixing the "crappy" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.Links:SBOMs - All the right ingredients, but something is still missingOpen...
2023-11-1441 min
The MonkCastDigital Humanities, Open Source, and Communities of Learning (With Dr. Lisa Tagliaferri)In this episode of The Docs Are In, Dr. Lisa Tagliaferri (Senior Director, Developer Education, Chainguard; Adjunct Professor, Rutgers University) drops in to chat with Kate and Kelly about her experiences working at tech startups and in academia. Lisa discusses her work in Digital Humanities (or DH--where digital technologies and the humanities intersect), her research into medieval communities of learning (do we have any Catherine of Siena fans out there?), and how this all relates to open source communities. Also of interest: Lisa's experiences with her DH graduate seminar, her work at Chainguard, and how academic training can translate...
2023-11-0317 min
Kubernetes BytesUniversal Control Planes for Kubernetes and BeyondIn this episode of KubernetesBytes, Bhavin and Ryan interview Viktor Farcic, a Developer Advocate from Upbound, the company behind Crossplane. Crossplane extends Kubernetes into becoming a universal control plane for more than what runs in Kubernetes, however, you get to manage everything in a Kubernetes-native way. Hear what Viktor has to say about Crossplane and what hes been up to. 01:35 Introduction 08:29 Cloud Native News 16:15 Crossplane with Viktor Cloud Native News https://www.chainguard.dev/unchained/series-b-funding https://www.honeycomb.io/blog/introducing-honeycomb-for-kubernetes?hss_channel=lcp-12957659 https://techcrunch.com/2023/10/18/microsoft-launches-radius-an-open-source-application-platform-for-the-cloud/ https://docs.radapp.io/ https://thehackernews.com/2023/10/urgent-ne...
2023-11-0259 min
The Peel with Turner NovakSecuring Open Source Software with Dan Lorenc, Co-founder & CEO of ChainguardDan Lorenc is the Co-founder and CEO of Chainguard, the best way to secure your open source software. Dan and his co-founders Kim, Matt, and Ville started the company in 2021 after spending a decade working together at Google on all things open source and software security.
They’ve since raised $116 million from investors including Spark (led Series B), Sequoia (led Series A), Amplify (led Seed), The Chainsmoker’s Mantis VC, Banana Capital, and dozens of angels in the cyber security and open source communities.
—
Topics discussed:
What is the “software supply chain”?
How the SolarWinds breach created the software supply chain secu...
2023-11-021h 20
SustainEpisode 203: What’s wrong with CVEs? Daniel Stenberg of cURL wants you to knowGuests
Daniel Stenberg | Dan Lorenc
Panelist
Richard Littauer
Show Notes
Today, we are switching things up and doing something new for this episode of Sustain, where we’ll be talking about current events, specifically security challenges. Richard welcomes guest, Daniel Stenberg, founder, and lead developer of the cURL project. Richard and Daniel dive into the complexities of Common Vulnerabilities and Exposures (CVEs), discussing issues with how they are reported, scored, and the potential impact on open source maintainers. They also explore the difficulty of fixing the CVE system, propose sh...
2023-10-1327 min
The Security RepoCode signing and securing the software supply chain with Billy LynchIn this episode, we go on a deep dive with Billy Lynch from Chainguard into application and code signing and how it can be used to ensure the supply chain is legitimate. Billy has an impressive background including spending 8 years at Google before joining Chainguard and not only helps us understand how signing can be used in security but also what is the latest developments and technology in this field.
Links:
https://www.chainguard.dev/
https://www.linkedin.com/in/wflynch/
BIO
Billy...
2023-07-2734 min
Kubernetes Podcast from GoogleDocker && WASM, with Justin CormackThis week we speak to Justin Cormack the CTO of Docker. We talked about WASM (or WebAssembly Modules), Docker support for running WASM apps and the future of the technology. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week WASMCon 2023: CFP Event Kyverno Project 1.10 Intro to Cilium course Microsoft Azure Linux is GA ...
2023-06-1949 min
Techstrong 55Episode #78 - Techstrong 55, Wednesday, June 7, 2023Hello everyone and welcome to Techstrong 55. Today is Wednesday, June 7th, and I am your host William Willis. In today’s show, we will hear about the progress and developments in the Kubernetes SIG Release's security efforts with Adolfo García Veytia from Chainguard. Then, we will hear about the creation of a magazine focused on cybersecurity in collaboration with the Linux Foundation with Anova Hou from the University of British Columbia. Finally, we will hear about the world of open-source proxy software with Dave McAllister from NGINX.
Without further ado, let's get the show started. Enjoy.
...
2023-06-0742 min
Kubernetes Podcast from GoogleSCaLE20xIn this episode we bring you with us to Southern California Linux Expo, or SCaLE20x in Pasadena, California. We interviewed several attendees about their experience at the conference. Featuring: Robin Phantomhive, attendee at SCaLE and community member Mofi Rahman, Developer Advocate at Google Fatima Sarah Khalid, Dev Evangelist at GitLab Bryan Behrenshausen, Open Source Program Manager at GitLab Laura Santamaria, Geek with an achievement streak at Dell Jeff Deifik, Cybersecurity at Aerospace Corp Jill Bryant Ryniker of LWDW and the Destination Linux...
2023-04-1324 min
Resilient CyberS4E11: John Speed Meyers - Data Science & Software Supply Chain SecurityChris: I have been following your research for several years now, dating back to your role before Chainguard. As you have watched the conversation around Software Supply Chain Security unfold in the industry, do you feel like we're making positive headway?Chris: You have done a lot of research into software supply chain security, and of course SBOM's. One recent study you took a look at the quality of SBOM's in the OSS ecosystem, compared to say the NTIA defined minimum elements for SBOM. Can you tell us a bit about the study and implications of the...
2023-03-3136 min
SustainEpisode 161: Aaron Crawfis on Dapr and Sustaining Cloud OSSGuest
Aaron Crawfis
Panelists
Richard Littauer | Justin Dorfman
Show Notes
Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. Richard and Justin are excited to have as their guest today, Aaron Crawfis, who works in the cloud space as a Senior Product Manager on the Azure Open Source Incubations team, which develops and launches new open source projects to advance the industry of cloud native computing and applications. He’s done a lot of work on Dapr, which is a di...
2023-03-2434 min
ATARC Federal IT NewscastIn the Nic of Time with Dan Lorenc, CEO, ChainGuardJoin this episode of In the Nic of Time with Dan Lorenc, CEO, ChainGuard as they discuss the challenges and struggles around software supply chain and take a deep dive on Dan's incredible contributions to the open source community with his projects like Minikube, Sigstore, Distroless and Wolfi.
2023-03-151h 31DevOps and Docker Talk: Cloud Native Interviews and ToolingSoftware Supply Chain Security with Chainguard🙌 My next course is coming soon! I've opened the waitlist for those wanting to go deep in GitHub Actions for DevOps and AI automation in 2025. I'm so thrilled to announce this course. The waitlist allows you to quickly sign up for some content updates, discounts, and more as I finish building the course. https://learn.bretfisher.com/waitlist🍾Bret is joined by two Chainguard co-founders, CEO Dan Lorenc and Head of Product, Kim Lewandowski, to break down the ins and outs of supply chain security and talk about Chainguard's approach to securing it. We dive into tools...
2023-01-0651 min
ModulesModule 7: The Communal Pool that is the Open Source Environment (with Samson Goddy of OSCA)The tech ecosystem offers a variety of niches, but none as unique as the Open Source environment. In this episode, we explore this niche with Samson Goddy (Co-founder, OSCA) as our guide. We cover the entire scope of open-source engagement - from the structure, its value for both business and contributor, and the ethical conundrum that bots present.
Samson Goddy: A software engineer who is committed to bringing about social change.
An advocate for open source software who mostly enjoys bridging the knowledge gap between enterprises on scale and sustainability. He works at Chainguard to secure the software sup...
2022-12-0746 min
Cloud Security Podcast by GoogleEP100 2022 Accelerate State of DevOps Report and Software Supply Chain SecurityGuests: John Speed Meyers, Security Data Scientist, Chainguard Todd Kulesza, User Experience Researcher, Google Topics: How did you get involved with this year's Accelerate State of DevOps Report (DORA report)? So what is DORA and why did you decide to focus on supply chain security for the 2022 report? What are the big learnings from this year's report? What's the difference between SLSA and SSDF? Is one spicy and the other savory? How're companies adopting these and how is adoption going? Are there other areas that DevOps can be a contributor in the overall security landscape? How ca...
2022-12-0533 min
Beaming OrteliusContainer Images for the Cloud Native EraAs the container ecosystem matures, there is an increased need for new standards and runtime environments considering security and provenance concerns, driving the next generation of tools and recommended practices to build container images.Let's discuss the latest developments in distroless images and the open-source container toolkit developed by Chainguard to build Wolfi, the first Linux un-distro created specifically for the Cloud Native Era.
2022-11-161h 06Decipher Security PodcastDan LorencDan Lorenc, CEO and founder of Chainguard, joins Dennis Fisher to talk about supply chain security, asset inventory, Sigstore, and the challenges of helping developers write more secure code.
2022-11-1638 minChangelog Master FeedContainer base images with glibc & musl (Ship It! #76)In today’s episode, we talk about distroless, ko, apko, melange, musl and glibc. The context is Wolfi OS, a community Linux OS designed for the container and cloud-native era. If you are looking for the lightest possible container base image with 0 CVEs and both glibc and musl support, Wolfi OS & the related chainguard-images are worth checking out.
Ariadne Conill is an Alpine Linux TSC member & Software Engineer at Chainguard.
Discuss on Changelog News
Changelog++ members save 5 minutes on this episode because they made the ads disappear. Join today!
Sponsors
...
2022-10-271h 03Ship It! Cloud, SRE, Platform EngineeringContainer base images with glibc & muslIn today’s episode, we talk about distroless, ko, apko, melange, musl and glibc. The context is Wolfi OS, a community Linux OS designed for the container and cloud-native era. If you are looking for the lightest possible container base image with 0 CVEs and both glibc and musl support, Wolfi OS & the related chainguard-images are worth checking out.
Ariadne Conill is an Alpine Linux TSC member & Software Engineer at Chainguard.
Join the discussionChangelog++ members save 5 minutes on this episode because they made the ads disappear. Join today!Sponsors:Se...
2022-10-271h 03
Software Engineering Radio - The Podcast for Professional Software DevelopersEpisode 535: Dan Lorenc on Supply Chain AttacksDan Lorenc, CEO of Chainguard, a software supply chain security company, joins SE Radio editor Robert Blumen to talk about software supply chain attacks. They start with a review of software supply chain basics; how outputs become inputs of someone...
2022-10-2649 minSoftware Engineering Radio - the podcast for professional software developersEpisode 535: Dan Lorenc on Supply Chain AttacksDan Lorenc, CEO of Chainguard, a software supply chain security company, joins SE Radio editor Robert Blumen to talk about software supply chain attacks. They start with a review of software supply chain basics; how outputs become inputs of someone...
2022-10-2649 min
SustainEpisode 143: Amanda Brock of OpenUK on Open Source Law, Policy and PracticeGuest
Amanda Brock
Panelists
Richard Littauer | Justin Dorfman | Ben Nickolls
Show Notes
Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. Today, we have an amazing guest and she’s been on this podcast before. Joining us is Amanda Brock, who’s the CEO of OpenUK, which is an industry organization about the business of open technology. She’s also a Board Member, keynote speaker, and author, with a new book coming out soon called, Open Source Law, Policy and Practi...
2022-10-2142 min
Three Buddy ProblemChainguard's Dan Lorenc gets real on software supply chain problems
Episode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.
Dan Lorenc and a team or ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation. Links:Dan Lorenc on LinkedInChainguard EnforceSounil Yu on...
2022-10-1347 min
Open Source Startup PodcastE57: Secure your Software Supply Chain with ChainguardDan Lorenc is Founder & CEO of Chainguard, the platform to secure your software supply chain. Chainguard supports many popular open source projects such as Sigstore, SLSA, and Tekton.
Chainguard has raised $55M from investors including Sequoia and Amplify Partners.
In this episode, we discuss the importance of market education when creating a new category of software, assessing market timing when launching your company, some of Chainguard's unique content strategies, and more!
2022-10-1238 min
Reimagining Cyber - real world perspectives on cybersecurityDo a Little Dance, Time for Some SLSA! - Ep 41On this week’s episode of Reimagining Cyber, hosts Stan Wisseman and Rob Aragao welcomed guest Dan Lorenc, founder and CEO of Chainguard Inc., to talk about SLSA, software supply chain security risks, and his opinions on Software Bill of Materials (SBOMs).Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.
2022-10-1125 min
Kubernetes Podcast from GoogleVMware Tanzu, with Betty JunodBetty Junod, VP of Product Marketing at VMware Tanzu, kindly took up Craig's challenge to explain the various parts of the Tanzu ecosystem, and how the traditional IT buyer and the modern cloud native really aren't that different. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod and @craigbox Chatter of the week NASA DART mission Deep Impact Armageddon Apparent retrograde motion Planets beyond Neptune News of the week Istio sails into the CNCF SPIFFE and SPIRE graduate Episode 45, with Andrew Jessup Brigade archived...
2022-09-2937 min
The CloudcastSecure Software Supply-ChainDan Lorenc (@lorenc_dan, Founder/CEO @chainguard_dev) talks about modern software-supply chains, Sigstore and SBOM.SHOW: 655CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Datadog Application Monitoring: Modern Application Performance MonitoringGet started monitoring service dependencies to eliminate latency and errors and enhance your users app experience with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.CDN77 - Content Delivery Network Optimized...
2022-09-2831 min
Defense Unicorns, A PodcastSoftware Supply Chain with Dan LorencPeople tend to trust the software they buy, or download, just because it's available online, that doesn't make it safe. Join Dan Lorenc, the co-founder and CEO of Chainguard, as he explains the importance of a good software supply chain and what happens when you trust software that has vulnerabilities. Lorenc, an expert in his field, is a graduate of MIT, Massachusetts Institute of Technology, and came up at companies like Microsoft and Google, while he was chasing his passion for creating software you can trust. You can find and connect with Dan on LinkedIn. Hosted...
2022-09-2038 min
Code Story: Insights from Startup Tech LeadersS7 Bonus: Dan Lorenc, ChainguardDan Lorenc got into tech in a roundabout way. Most of his time in school was dedicated to the study of Mechanical Engineering, building in the world of atoms in machine shops and with 3d printers. He learned how to program through Matlab, and he got hooked. He lives in Austin, enjoys taking in the live music scene, and likes to get outdoors - when it's not 108 degrees, like it was when we did this recording.While Dan was at Google, the well known Solarwinds attack happened, illustrating the gaps and holes in the software supply chain...
2022-09-1316 min
The New Stack PodcastThe Stone Ages of Open Source SecurityAsk a developer about how they got into programming, and you learn so much about them. In this week's episode of The New Stack Makers, Chainguard founder Dan Lorenc said he got into programming halfway through college while studying mechanical engineering. "I got into programming because we had to do simulations and stuff in MATLAB," Lorenc said. And then I switched over to Python because it was similar. And we didn't need those licenses or whatever that we needed. And then I was like, Oh, this is much faster than you kn...
2022-08-3026 min
DevOps Speakeasy PodcastS03E26: #DevOpsSpeakeasy at #KubeCon EU 2022 with James Strong on Supply Chain SecurityJames Strong, lead solution architect at Chainguard, discusses the challenges of securing software supply chains and recommendations for developers
2022-08-2907 min
The Confident CommitSecuring software supply chain without panicking ft. Chainguard co-founder Kim LewandowskiChainguard co-founder, Kim Lewandowski joins Rob to discuss the ways she presses forward in the fear-driven world of software supply chain security. In any kind of mistake or failure, security breaches have to be something that we can learn from. On the other hand, particularly during investigation, there are often walls of trust and other factors affecting fully transparent communication. Does this impact our ability to learn? Is there something we have to do differently to get better at it?Tune in to this episode to hear Kim share valuable insights on how to educate t...
2022-08-0526 min
Lock and CodeSecuring the software supply chain, with Kim LewandowskiAt the start of the global coronavirus pandemic, nearly everyone was forced to learn about the "supply chain." Immediate stockpiling by an alarmed (and from a smaller share, opportunistic) public led to an almost overnight disappearance of hand sanitizer, bottled water, toilet paper, and face masks.
In time, those items returned to stores. But then a big ship got stuck in the Suez, and once again, we learned even more about the vulnerability of supply chains. They can handle little stress. They can be derailed with one major accident. They spread farther than we know.
...
2022-06-2039 min
Software Defined TalkAre we using version control?This week we discuss work life balance, the State of Continuous Delivery Survey and recap WWDC. Plus, some thoughts on Buddha and parenting…
Runner-up Titles
The Buddha had no kids
The Air Fryer is a PaaS.
Rundown
Work vs. Life
Office workers get little reward for returning to the office – an idle factory is taboo
CEOs had a phenomenal year. Workers, less so
Tesla monitored its employees on Facebook with help of PR firm during 2017 union push
Elon Musk asks all Tesla employees to come back to the office or quit
Ford factory workers get...
2022-06-101h 07Changelog Master FeedKnative, Sigstore & swag (KubeCon EU 2022) (Ship It! #54)This is the post-KubeCon CloudNativeCon EU 2022 week. Gerhard is talking to Matt Moore, founder & CTO of Chainguard about all things Knative and Sigstore. The most important topic is swag, because none has better stickers than Chainguard. The other topic is the equivalent of Let’s Encrypt for securing software.
2022-05-2548 minShip It! Cloud, SRE, Platform EngineeringKnative, Sigstore & swag (KubeCon EU 2022)This is the post-KubeCon CloudNativeCon EU 2022 week. Gerhard is talking to Matt Moore, founder & CTO of Chainguard about all things Knative and Sigstore.
The most important topic is swag, because none has better stickers than Chainguard.
The other topic is the equivalent of Let’s Encrypt for securing software.
Join the discussionChangelog++ members save 6 minutes on this episode because they made the ads disappear. Join today!Sponsors:Akuity – Akuity is a new platform (founded by Argo co-creators) that brings fully-managed Argo CD and enterprise services to the...
2022-05-2548 minChangelog Master FeedSecuring K8s releases (KubeCon EU 2022) (Ship It! #53)Today we are at KubeCon CloudNativeCon EU 2022, talking to Adolfo García Veytia about securing Kubernetes releases. Adolfo is a Staff Software Engineer at Chainguard, and one of the technical leads for SIG release, meaning that he helps ship Kubernetes. You most likely know him as Puerco, and have seen first-hand his passion for securing software via SBOMs, cosign and SLSA. Puerco’s love for bikes and Chainguard are a great match 🚴♂️
2022-05-201h 07Ship It! Cloud, SRE, Platform EngineeringSecuring K8s releases (KubeCon EU 2022)Today we are at KubeCon CloudNativeCon EU 2022, talking to Adolfo García Veytia about securing Kubernetes releases. Adolfo is a Staff Software Engineer at Chainguard, and one of the technical leads for SIG release, meaning that he helps ship Kubernetes. You most likely know him as Puerco, and have seen first-hand his passion for securing software via SBOMs, cosign and SLSA. Puerco’s love for bikes and Chainguard are a great match 🚴♂️
Join the discussionChangelog++ members save 5 minutes on this episode because they made the ads disappear. Join today!Sponsors:MongoDB – An...
2022-05-201h 07
Kubernetes Podcast from GoogleIstioCon, with Mitch ConnorsBig week for Istio! Craig talks to Mitch Connors, Istio user experience working group lead and IstioCon program committee co-chair, about the project and the conference. Mitch talks to Craig about the news that Istio has been proposed to the CNCF. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week 40th anniversary of the ZX Spectrum Some soothing YouTube channels: Adrian's Digital Basement Jan Beta RMC - The Cave Mark Fixes Stuff Some conference talks about the Commodore 64: Rich Code...
2022-04-2832 min
The Alan Barr ShowEphemeralityChainguard -The Principle of Ephemerality via Carlos Santana
Get on with ephemerality; it's 2022. We had no choice but to build it ourselves before then. Nowadays, chaos engineering is an option. We use serverless and stateless technologies all the time. Virtual machines aren't even on our radar. Maintaining stateful systems is difficult. Make sure you have backups and failovers.
To ensure that we have evidence of malicious software, you can test your code regularly. The COVID test provides a means of ensuring that historical evidence is reviewed over time.
Combining and shortening an app's lifespan makes it more likely...
2022-04-2514 min
Ardan Labs PodcastKnative & Kubernetes with Ville AikasVille Aikas is the founder of the supply chain security startup, Chainguard. We learn about foreign exchange student programs, early internet operating systems, working at Google, and working on projects like Kubernetes / Knative. Connect with Ville:Twitter: https://twitter.com/AikasVilleLinkedIn: https://www.linkedin.com/in/villeaikas/Email: vaikas@chainguard.devChainguard: https://chainguard.dev/Mentioned in today’s episode:Google Cloud: https://cloud.google.com/History of Google Voice: https://en.wikipedia.org/wiki/Google_Voice#HistoryHistory of Kubernetes: https://en.w...
2022-04-131h 35
Kubernetes Podcast from GoogleShipa, with Bruno AndradeBruno Andrade is founder and CEO of Shipa, delivering applications and policy "as code" to Kubernetes with a SaaS model. We discuss founding companies in Canada vs the USA, abstractions for deploying apps, and whether Kubernetes will really ever disappear. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Jimmy Fallon and Jimmy Kimmel One show The other show One behind-the-scenes video Another one Ron Gilbert does not like April Fools Just kidding: Return to Monkey Island "If I ever...
2022-04-0638 min
Dev InterruptedWhat Hackers Know About Your Software Supply Chain (That You Don’t) w/ Chainguard's Kim LewandowskiYou’ve heard of the supply chain, but what about the software supply chain? Unlike the standard supply chain that you often hear about in the news, this week’s episode of Dev Interrupted dives into the supply chain responsible for holding together the systems that companies, orgs and governments depend upon. Kim Lewandowski, a software supply chain security expert, co-founded Chainguard in 2021 with a mission to make the software supply chains secure by default.In our conversation, Kim discusses why hackers are way ahead of the game on the software supply chain, what compan...
2022-01-2930 minShip It! Cloud, SRE, Platform EngineeringGerhard at KubeCon NA 2021: Part 2In the second set of interviews from KubeCon North America 2021, Gerhard and Liz Rice talk about eBPF superpowers - Cilium + Hubble - and what’s it like to work with Duffie Cooley.
Jared Watts shares the story behind Crossplane reaching incubating status, and Dan Mangum tells us what it was like to be at this KubeCon in person. Dan’s new COO role (read Click Ops Officer) comes up.
David Ansari from VMware speaks about his first KubeCon experience both as an attendee and as a speaker. The RabbitMQ Deep Dive talk that he gave will...
2021-11-031h 26
Kubernetes Podcast from GoogleKnative 1.0, with Ville AikasWe celebrate the launch of Knative 1.0 with Ville Aikas, who has been with the project since the beginning. He was also with the Kubernetes team at the beginning, and thus we cannot resist a Pete Best comparison. We also celebrate Jimmy's last show as our guest host with a rapid-fire Kubernetes quiz. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Jimmy graduates! CNCF Landscape The menu at the Cheesecake Factory In-n-Out Secret Menu Links from the interview Important programmers...
2021-11-0244 min