Balancing Act: Software Security and Developer Experience

Open at Intel

Player FM - Internet Radio Done Right

Đã thêm cách đây hai năm

Nội dung được cung cấp bởi open.intel. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được open.intel hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/now-on-netflix">Now On Netflix</a></span>

1
Now On Netflix

Hủy theo dõi

cách đây 4 ngày trướccách đây 4d ago

Hủy theo dõi

Hàng tuần

Now On Netflix is your guide for what to watch this week on Netflix. Join the writers and editors from Tudum.com as they discuss the latest films and series coming to Netflix - and why you won't want to miss them! Celebrity interviews, exclusive insights, upcoming releases, and a behind-the-scenes look you won’t get anywhere else. New episodes every Thursday. https://www.netflix.com/tudum

cách đây khoảng một năm trước 25:32

MP3•Trang chủ episode

00:00 Introduction

02:29 Personal Reflections on Security

04:14 Introduction to Stacklok and Minder

05:02 Minder's Features and Capabilities

07:38 Target Audience and Use Cases for Minder

10:41 Balancing Security and Developer Productivity

13:00 The Importance of Seamless Security

13:52 Introduction to Trusty: Understanding Open Source Security Risks

14:45 Analyzing Malicious Packages and Developer Contributions

18:06 The Role of Developer Identity in Open Source Projects

19:20 AI's Impact on Code Development and Security

20:10 Challenges and Future Directions in Developer Identity

23:31 Concluding Thoughts and Future Conversations

Guest:

Luke Hinds is the CTO of Stacklok. He is the creator of the open source project sigstore, which makes it easier for developers to sign and verify software artifacts. Prior to Stacklok, Luke was a distinguished engineer at Red Hat.

100 tập

#Tech #Open At Intel

Open at Intel

Balancing Act: Software Security and Developer Experience

Open at Intel

published cách đây khoảng một năm trước

Chia sẻ

MP3•Trang chủ episode

00:00 Introduction

02:29 Personal Reflections on Security

04:14 Introduction to Stacklok and Minder

05:02 Minder's Features and Capabilities

07:38 Target Audience and Use Cases for Minder

10:41 Balancing Security and Developer Productivity

13:00 The Importance of Seamless Security

13:52 Introduction to Trusty: Understanding Open Source Security Risks

14:45 Analyzing Malicious Packages and Developer Contributions

18:06 The Role of Developer Identity in Open Source Projects

19:20 AI's Impact on Code Development and Security

20:10 Challenges and Future Directions in Developer Identity

23:31 Concluding Thoughts and Future Conversations

Guest:

100 tập

#Tech #Open At Intel

Alle episoder

Open at Intel

1
The Future of AI Workloads with Slinky 18:51

cách đây 5 ngày trước18:51

18:51

In this episode, Marlow Warnicke, lead for the Slinky project, and Tim Wickberg, CTO of SchedMD, join us to discuss their work integrating HPC scheduler Slurm with Kubernetes. They provide background on Slurm's origins, its open source nature, and its evolution into Slinky to address Kubernetes's limitations in scheduling AI and HPC workloads. The discussion touches on the unique challenges in the MLOps space, the need for fine-grained resource control, and their collaborative efforts with various communities to enhance Kubernetes's efficiency. They also share the roadmap for Slinky and avenues for community collaboration and contribution. 00:00 Introduction and Guest Introductions 00:39 Overview of Slurm and Its Evolution 01:44 The Fusion of Slurm and Kubernetes: Slinky 04:14 Challenges in Kubernetes Scheduling 09:07 Unique Challenges in MLOps 12:58 Community Collaboration and Future Plans 16:41 Getting Involved and Final Thoughts…

Open at Intel

1
Open Source Maintainership: The Highs, Lows, and Everything In Between 23:38

cách đây 12 ngày trước23:38

23:38

Katherine Druckman sat down with Sarah Christoph, lead maintainer of Porter, and Karen Chu, community manager for Helm, to discuss the realities of maintaining open source projects. We discussed the challenges maintainers face, including burnout, community building, and the importance of human interactions in sustaining projects. The conversation highlights strategies for creating sustainable workflows, such as documentation and contributor ladders, and the essential role of positive feedback and community support in maintaining morale. The episode also underscores the protective and inclusive nature of the open source community, shining a light on mentorship and the personal growth it fosters. 00:00 Introduction 02:30 Challenges in Open Source Maintenance 03:43 Maintainer Burnout and Coping Strategies 08:10 Building Sustainable Open Source Projects 10:37 The Importance of Community and Mentorship 12:41 Recognizing and Crediting Contributors 14:14 The Human Connection in Open Source 21:22 Final Thoughts Guests: Karen Chu Sarah Christoff…

Open at Intel

1
The Human Side of Code 20:46

cách đây 19 ngày trước20:46

20:46

In this episode, we hear from Megan Knight, Director of Software Communities at Arm. Megan shares her experiences with open source projects, particularly focusing on the Yocto project which helps build custom Linux distributions. She discusses the challenges of community management, maintaining contributor motivation, and the impact of policy changes on open source projects. The discussion also touches on the importance of corporate support in sustaining open source contributions. 00:00 Introduction and Welcome 00:52 The Yocto Project: Building Custom Linux Distributions 01:33 Managing Open Source Communities 04:20 Motivations and Challenges in Open Source Contributions 05:18 Conflict Resolution in Open Source Projects 06:59 Unexpected Use Cases in Open Source 10:03 Sustainability and Training in Open Source 18:07 The Future of Open Source in Automotive 19:18 Conclusion Guest: Megan Knight is the Director of Software Communities at Arm where she delightfully works with the upstream. She holds various positions on project boards including Yocto Project, UXL Foundation, Zephyr Project, and OpenSSF. Prior to Arm, she led the IoT and Automotive open source engagement portfolio at Amazon Web Services and served as the Amazon representative on critical dependency open source project boards. She got her start in open source working at The Linux Foundation with the Linux Kernel and Linux Plumbers communities.…

Open at Intel

1
Understanding Observability with OpenTelemetry 21:50

cách đây 25 ngày trước21:50

21:50

Join us as we sit down with Austin Parker, Director of Open Source at Honeycomb.io to discuss observability with OpenTelemetry, explaining its importance in cloud native software and discussing the OpenTelemetry project's growth and community contributions. He shares insights on the evolution and adoption of Open Telemetry, its impact on the software industry, and the collaborative nature of its development. 00:00 Introduction 00:45 Understanding OpenTelemetry 02:48 The Importance of Observability 05:01 Challenges and Innovations in Observability 09:36 The OpenTelemetry Community 12:12 Challenges with Vendor Lock-In 14:29 Encouraging New Contributions 18:07 Recognizing Community Contributions 20:24 Final Thoughts Guest: Austin Parker is Director of Open Source at honeycomb.io, an OpenTelemetry maintainer and governance member, author of several books, and all around great person.…

Open at Intel

1
AI and MLOps with Kubernetes 20:37

cách đây 26 ngày trước20:37

20:37

In this episode, we caught up with Abdel Sghiouar, a Developer Advocate at Google and the co-host of The Kubernetes Podcast. Abdel shared the latest developments in Kubernetes and AI applications, highlighting the unique challenges of running machine learning models on Kubernetes, particularly focusing on scalability and the context window in large language models. We also discussed the importance of working groups in overcoming these challenges and emerging concerns in AI security. 00:00 Introduction and Welcome Back 00:20 Abdel's Role and Podcast 00:36 Kubernetes and Cloud Native Space 01:14 AI and MLOps Discussion 02:20 Challenges with Large Language Models 04:48 Kubernetes Working Groups 05:55 Security Concerns in MLOps 09:48 Exploring Solutions and Community Interaction 18:23 Conclusion Guest: Abdel Sghiouar is a Cloud Developer Advocate @Google Cloud. His focus areas are GKE/Kubernetes, Service Mesh and Serverless. Abdel started his career in datacenters and infrastructure in Morocco before moving to Google's largest EU datacenter in Belgium. Then in Sweden he joined Google Cloud Professional Services and spent 5 years working with Google Cloud customers on architecting and designing large scale distributed systems before turning to advocacy and community work. You can follow him at @boredabdel .…

Open at Intel

1
Positioning and Strategy with Open Source 20:10

cách đây 4 weeks trước20:10

20:10

Consultant Emily Omier discusses her work with open source companies on product strategy and positioning. She explains the unique challenges and opportunities such companies face, particularly the tension between commercial offerings and open source projects. Emily highlights the importance of solid product strategy, shares her process from customer interviews to leadership workshops, and addresses common misconceptions and struggles companies encounter. Additionally, she touches upon the strategic reasons for open-sourcing software. 00:00 Introduction and Guest Background 00:16 Understanding Product Strategy in Open Source 01:58 Engaging with Companies at Different Stages 03:10 Workshop and Internal Knowledge Surfacing 04:16 Differentiating Open Source and Commercial Offerings 07:09 Common Struggles and Misunderstandings 10:35 Community Building and Its Importance 14:21 Open Sourcing Projects: Reasons and Benefits 17:28 Experience at All Things Open 18:07 Conclusion and Upcoming Events Guest: Emily Omier is a consultant who helps open source startups accelerate growth with killer positioning. She also hosts The Business of Open Source, a podcast about building open source companies and is the founder of Open Source Founders Summit, a business-focused conference for leadership of open source companies.…

Open at Intel

1
Balancing Act: Software Security and Developer Experience 25:32

cách đây 5 weeks trước25:32

25:32

In this episode, we sit down with Luke Hinds, CTO of Stacklok and creator of Sigstore, to learn from his extensive background in open source security. Luke shares insights into his journey and passion for security, highlighting the thrill of the 'cat and mouse' dynamics. He discusses Stacklok’s project, Minder, a software supply chain platform designed to streamline security while boosting developer productivity. Luke also touches on Trusty, another Stacklok initiative aimed at assessing the security risks of open source packages using data science. The conversation expands to the impact of AI on code contributions and developer identity, reflecting on the evolving dynamics in software development and security. Finally, Luke shares thoughts on the ongoing challenges and opportunities in bridging the gap between operations and engineering to maintain robust security in fast-paced development environments. 00:00 Introduction 02:29 Personal Reflections on Security 04:14 Introduction to Stacklok and Minder 05:02 Minder's Features and Capabilities 07:38 Target Audience and Use Cases for Minder 10:41 Balancing Security and Developer Productivity 13:00 The Importance of Seamless Security 13:52 Introduction to Trusty: Understanding Open Source Security Risks 14:45 Analyzing Malicious Packages and Developer Contributions 18:06 The Role of Developer Identity in Open Source Projects 19:20 AI's Impact on Code Development and Security 20:10 Challenges and Future Directions in Developer Identity 23:31 Concluding Thoughts and Future Conversations Guest: Luke Hinds is the CTO of Stacklok. He is the creator of the open source project sigstore, which makes it easier for developers to sign and verify software artifacts. Prior to Stacklok, Luke was a distinguished engineer at Red Hat.…

Open at Intel

1
Open Source and Public Policy: A Conversation with Deb Bryant 20:23

cách đây 6 weeks trước20:23

20:23

Deb Bryant discusses her career journey and the significant role of open source software in public policy, particularly in the US and Europe. She highlights her work with the Open Source Initiative, Oregon State University, and Red Hat, emphasizing the importance of open source in government operations and cybersecurity. Deb also addresses the challenges and evolution of open source policies, the critical need for sustainability in open source projects, and her current focus on AI's impact on the ecosystem. She concludes by advocating for harmonized international regulations and human-centered AI approaches. 00:00 Introduction 00:44 Government and Open Source Software 01:38 Experiences in the Private Sector 02:14 Open Source in Public Policy 04:31 Cybersecurity and Open Source 07:42 Sustainability in Open Source 15:05 Future of Open Source and AI 18:53 Conclusion and Final Thoughts Guest: Deb Bryant, Director, US Policy and Founder, Open Policy Alliance Open Source Initiative Throughout her career, Deborah has lent her voice to supporting open source projects and developers, building bridges between academia, industry, non-profits, and government along the way. Today she provides guidance to open source foundations seeking to support public policy development in open technology domains. She has worked in emerging technology and has been an advocate of free and open source software and the community that makes it so since the 1990s. Deborah is board director emeritus at the Open Source Initiative (OSI); serves on the DemocracyLab board; serves on the advisory boards of Open Source Elections Technology Foundation and the OASIS Open Project, and as an advisor to the Brandeis University Open Technology Management program. She also represents OSI as a member of the Digital Public Goods Alliance. For eight years prior to her reentry into the nonprofit world, she led one of the world’s largest open source program offices (OSPO) at Red Hat where her global team was responsible for the company’s strategy and stewardship in open source software communities. While at Red Hat she served on the Eclipse Foundation board for two years. Deborah’s published academic research includes the Use of Open Source in Cybersecurity in the Energy Industry and Collaborative Models for Creating Software in the Public Sector.…

Open at Intel

1
Canonical's Data Science Stack and AI's Open Future 19:34

cách đây 6 weeks trước19:34

19:34

In this episode, Andreea Munteanu of Canonical discusses Data Science Stack, an out-of-the-box machine learning environment solution. Emphasizing the industry's shift to Kubernetes and cloud native applications, she outlines her vision for accessible and secure open source AI. The conversation also covers the importance of community contribution, challenges faced by data scientists, and the future of AI being open source. 00:00 Introduction 01:50 Data Science Stack Introduction 03:31 Community and Collaboration 06:30 Getting Started with Generative AI 08:56 Andreea's Journey into Data Science 10:59 The Future of AI and Open Source 14:57 Encouraging Open Source Contributions 17:28 Conclusion and Final Thoughts Guest: Andreea Munteanu helps organizations drive scalable transformation projects with open source AI. She leads AI at Canonical, the publisher of Ubuntu. With a background in data science across industries like retail and telecommunications, she helps enterprises make data-driven decisions with AI.…

Open at Intel

1
Mastering Generative AI 24:20

cách đây 8 weeks trước24:20

24:20

In this episode, Andrew Brown, founder of Exam Pro, joins the podcast to discuss his background in educational technology and his current endeavors in teaching tech certifications and coding boot camps. Andrew shares his excitement about generative AI and how developers can stay updated with rapidly evolving innovations like Deepseek and the Open Platform for Enterprise AI (OPEA), the importance of understanding foundational concepts, and the role of open models in democratizing AI technology. The conversation also covers the relevance of deploying custom models, integrating reliable educational strategies, and ensuring developers have the knowledge to use AI applications effectively. Andrew shares insights on his courses and offers practical advice for developers keen on diving into generative AI. 00:00 Introduction and Guest Welcome 00:19 Andrew Brown's Background and Current Work 01:10 Exciting Trends in Tech Education 02:20 Deep Dive into Generative AI 05:23 DeepSeek and AI Model Costs 07:44 Challenges and Opportunities in AI Development 09:22 Open Source AI and Developer Training 11:00 Practical Advice for Aspiring Developers 13:00 Challenges and Opportunities in AI Development 18:34 Conclusion and Final Thoughts Resources: FREE GenAI Boot Camp Exam Pro Resources on GitHub Andrew on GitHub Guest: Andrew Brown is the founder of Exam Pro where he creates training materials for developers. He also creates free cloud certification courses for freeCodeCamp.…

Open at Intel

1
From Kubernetes to Argo: Exploring the World of the Cloud Native End User 18:39

cách đây 9 weeks trước18:39

18:39

In this episode, Henrik Blixt, a product manager at Intuit and Argo maintainer, shares his experiences and insights into managing platform engineering teams that handle Kubernetes, service mesh, API gateways, and more. He emphasizes the importance of product management within platform engineering and discusses his involvement with the CNCF's end user technical advisory board. Henrik also highlights the significance of open source in his professional journey and details the ongoing initiatives and advancements within the Argo project. 00:00 Introduction and Guest Welcome 00:53 Discussion on Argo and Developer Tools 01:41 Open Source Community Involvement 02:06 CNCF End User Technical Advisory Board 03:11 Reference Architectures and Initiatives 08:18 Challenges and Solutions for End Users 13:20 Argo Project Insights 16:03 The Importance of Product Management 17:16 Conclusion and Final Thoughts Guest: Henrik Blixt leads a Product Management team responsible for the Intuit core platform, where he defines the strategy and direction that has shaped Intuit’s cloud native platform based on CNCF projects like Kubernetes, Envoy, Istio, Prometheus, Argo (and many more!) that’s used by 7000 developers and serving over 100M users. Being a passionate member of the open source community for almost 30 years, from Linux through OpenStack and Kubernetes, Henrik is currently focused on the Argo project as a core maintainer. He also represents Intuit across other committees, like the CNOE project and the broader Linux Foundation, where he shares experiences and best practices from Intuit’s use of open source, making sure end users are heard and their pain points understood. He loves engaging with the community and has been a prolific speaker and event program committee member across ArgoCon, GitOpsCon, Kubecon over the years. A native of Sweden, earning his B.Sc in information systems from the University of Gothenburg, he now resides in California with his family.…

Open at Intel

1
Breaking Down AI: Small Models, Big Impacts 20:44

cách đây 10 weeks trước20:44

20:44

Joshua Alphonse discusses the potential of small language models, highlighting their efficiency and applicability in various domains such as financial compliance and multimedia processing. The conversation also touches upon the intersection of creativity and technology, AI's role in the future of multimedia, and the significance of open source models. Joshua emphasizes the importance of eliminating biases in AI and the exciting advancements in agentic AI and spatial AI, projecting how these innovations might shape the tech landscape in the coming years. 00:00 Introduction and Welcome 00:09 Joshua's Background and Experience 00:34 Current Projects and Innovations 03:04 The Importance of Small Language Models 06:14 Open Source and AI Ethics 10:13 Future of AI and Exciting Developments 12:20 Challenges and Controversies in AI 17:47 Conclusion and Final Thoughts Guest: Joshua Alphonse is Head of Product at PremAI. Joshua has spent his time empowering developers to create innovative solutions using cutting-edge open-source technologies. Previously, Joshua worked at Wix, leading Product and R&D engagements for their Developer Relations Team, and at Bytedance he successfully created content, tutorials, and curated events for the developer community.…

Open at Intel

1
Fostering Open Source Culture and Unlocking Innovation 27:54

cách đây 11 weeks trước27:54

27:54

In this episode, we celebrate Free and Open Source Software Month this February by chatting with some of Intel’s own open source software and community enthusiasts, Arun Gupta and Shirley Bailes, about open source, its business value, and how to unlock innovation through openness. Arun discusses his book, 'Fostering Open Source Culture,' detailing his journey from past experiences at major tech companies to the process and inspiration behind writing the book. The conversation covers the importance of fostering an open source culture, including the roles of various companies and foundations. Shirley shares her first-time author experience, emphasizing the role of foundations in maintaining a sustainable open source ecosystem. The discussion touches on the benefits of corporate engagement in open source, the challenges of proving ROI, and the critical need for a new generation of contributors. Arun and Shirley highlight real-world case studies and provide practical advice for companies looking to embrace and invest in open source culture. 00:00 Introduction 00:33 Arun Gupta’s Journey in Open Source 03:23 Shirley Bailes on First-time Authorship 04:42 The Role of Foundations in Open Source 07:17 Leadership in Open Source Foundations 11:27 The Business Case for Open Source 15:40 The Importance of Community and Collaboration 25:18 Conclusion and Book Information Resources: Episode Transcript Guests: Shirley Bailes has been involved in developer communities and building open source programs for over 15 years. She is the Director of Software Ecosystem Strategy in Intel’s Office of the CTO, where she leads thought leadership and strategic initiatives to accelerate startup innovation and developer ecosystem growth. She previously led open source programs at AWS and served as Co-President of the Women at Amazon Global Board. Arun Gupta is Vice President and General Manager of Developer Programs at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun Microsystems through systemic changes to embrace open source principles. He is the elected chair of the CNCF GB and elected Chair of the OpenSSF GB. He has delivered technical talks in 45+ countries and authored multiple books. He is a fitness and kindness enthusiast.…

Open at Intel

1
Managing Kubernetes with Komodor 21:30

cách đây 12 weeks trước21:30

21:30

In this episode, we speak with Udi Hofesh and Itiel Schwartz from Komodor about their roles and the mission of their company. Komodor aims to simplify Kubernetes at scale by providing tools for managing, troubleshooting, and optimizing Kubernetes clusters. They discuss the unique features of Komodor, including their approach to using AI to address Kubernetes issues and their involvement in open source projects like Helm Dashboard. The conversation also touches upon the new native integration for managing Kubernetes add-ons and the future direction of the company. 00:00 Introduction and Guest Introduction 00:27 What is Komodor? 00:59 Challenges in Kubernetes 01:32 Komodor's Unique Solutions 02:27 Target Audience and Developer Relations 06:56 Open Source Contributions 14:09 AI Integration in Komodor 18:47 New Features and Future Plans Guests: Itiel Shwartz, CTO and Co-founder, Komodor Udi Hofesh, DevRel, Komodor…

Open at Intel

1
The Open Source Path to Security and Privacy: Divvi Up and Let's Encrypt 22:02

cách đây 13 weeks trước22:02

22:02

In this episode, Sarah Gran and Brandon Pitman from the Internet Security Research Group (ISRG) dive into their projects, Divvi Up and Let's Encrypt. They discuss the creation and impact of Divvi Up, a privacy-preserving metrics aggregation service, and its role in protecting individual data while providing valuable insights to organizations. They share the journey from collaborating with Google and Apple on COVID-19 exposure notifications to enhancing privacy for Firefox users. The conversation also explores the importance of TLS certificates provided by Let's Encrypt and the challenges and advancements in the realm of online privacy. 00:00 Introduction and Guest Introductions 01:22 Overview of DivviUp 02:29 Privacy Concerns and Data Security 06:18 Real-World Applications and Examples 11:28 Technical Details and Protocols 19:53 Open Source and Community Involvement 20:39 Conclusion and Final Thoughts Guests: Sarah Gran is the Vice President of the Brand and Donor Development team at Internet Security Research Group ( ISRG ), the nonprofit entity behind Let's Encrypt , the world's largest certificate authority. Sarah joined ISRG in early 2016, shortly after the Let’s Encrypt launch and has helped it become a household name in software development. Sarah has also helped to shape ISRG’s latest projects, one focused on bringing memory-safe code to security-sensitive software, called Prossimo , and a privacy-respecting metrics service, called Divvi Up .Sarah is an independent member of the Tor Project’s Board of Directors. Previously, Sarah worked as a Vice President at Edelman SF and Deutsch NY in brand and communications strategy groups. Brandon Pitman is the Senior Software Engineer for Divvi Up and has a Master’s in Computer Science from Georgia Tech. Prior to ISRG, they worked at Google on a variety of Security, Privacy, and Green Energy projects. Bran came to ISRG to be a part of improving the privacy stance of the Internet as a whole.…

Chào mừng bạn đến với Player FM!

Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.