41 min listen
Secure Software Supply Chain with Nikhil Kaul and Victor Szalvay
Secure Software Supply Chain with Nikhil Kaul and Victor Szalvay
ratings:
Length:
34 minutes
Released:
Jul 21, 2021
Format:
Podcast episode
Description
This week on the podcast, hosts Stephanie Wong and Bukola Ayodele speak with Nikhil Kaul and Victor Szalvay about security in the software supply chain. Cloud OnAir will be offering a virtual event on supply chain software security on July 29th, and our guests start the show by telling us more about it.
The recent cyber attacks on US companies have brought to light the importance of cyber security. A new set of guidelines for securing these components and software as a whole will be released soon, impacting not just software developers but the users as well. The Cloud OnAir event will breakdown these new guidelines and educate attendees on steps to take to ensure more secure software and software components. Internally, Google has been optimizing their software supply chain security for years with solutions like BeyondCorp and internally developed solutions that Google has since adapted for their clients. These solutions will be discussed in detail in the Cloud OnAir event.
Victor goes on to explain the three areas of supply chain security and how they fit into the overall security of online platforms. Software projects are often built using many small pieces of software sourced from third parties, which can create vulnerabilities. The new guidelines will help ensure quality and security at all levels of development for software and its pieces, thus strengthening security at every level of the supply chain. Nikhil and Victor talk about issues that contribute to supply chain security, including the risks that a microservices architecture can introduce and the use of open source software and their dependencies. We hear about Google’s contributions to the supply chain security effort, like OpenSSF that strives to bring the open source community together toward the goal of cyber security. Our guests give listeners tips on starting the supply chain security journey.
Join the Cloud OnAir talk to learn more!
Nikhil Kaul
Nikhil leads a team of product marketers focused on driving and building messaging, positioning, and go-to-market strategy for Google Cloud’s DevOps portfolio.
Victor Szalvay
Victor is an Outbound Product Manager with Google Cloud focused on helping customers get the most from the cloud. Previously he has been a tech entrepreneur and leader, with a concentration on DevOps and app dev team productivity.
Cool things of the week
Helping you pick the greenest region for your Google Cloud resources blog
Optimizing your Google Cloud spend with BigQuery and Looker blog
Interview
Container Security: Building trust in your software supply chain site
OpenSSF site
Deps site
SLSA site
Cloud Build site
BeyondCorp site
Binary Authorization for Borg docs
GKE Autopilot docs
GCP Podcast Episode 251: BeyondCorp with Kiran Nair and Ameet Jani podcast
What’s something cool you’re working on?
Bukola is working on the new season of Security Command Center set to be released next month!
The recent cyber attacks on US companies have brought to light the importance of cyber security. A new set of guidelines for securing these components and software as a whole will be released soon, impacting not just software developers but the users as well. The Cloud OnAir event will breakdown these new guidelines and educate attendees on steps to take to ensure more secure software and software components. Internally, Google has been optimizing their software supply chain security for years with solutions like BeyondCorp and internally developed solutions that Google has since adapted for their clients. These solutions will be discussed in detail in the Cloud OnAir event.
Victor goes on to explain the three areas of supply chain security and how they fit into the overall security of online platforms. Software projects are often built using many small pieces of software sourced from third parties, which can create vulnerabilities. The new guidelines will help ensure quality and security at all levels of development for software and its pieces, thus strengthening security at every level of the supply chain. Nikhil and Victor talk about issues that contribute to supply chain security, including the risks that a microservices architecture can introduce and the use of open source software and their dependencies. We hear about Google’s contributions to the supply chain security effort, like OpenSSF that strives to bring the open source community together toward the goal of cyber security. Our guests give listeners tips on starting the supply chain security journey.
Join the Cloud OnAir talk to learn more!
Nikhil Kaul
Nikhil leads a team of product marketers focused on driving and building messaging, positioning, and go-to-market strategy for Google Cloud’s DevOps portfolio.
Victor Szalvay
Victor is an Outbound Product Manager with Google Cloud focused on helping customers get the most from the cloud. Previously he has been a tech entrepreneur and leader, with a concentration on DevOps and app dev team productivity.
Cool things of the week
Helping you pick the greenest region for your Google Cloud resources blog
Optimizing your Google Cloud spend with BigQuery and Looker blog
Interview
Container Security: Building trust in your software supply chain site
OpenSSF site
Deps site
SLSA site
Cloud Build site
BeyondCorp site
Binary Authorization for Borg docs
GKE Autopilot docs
GCP Podcast Episode 251: BeyondCorp with Kiran Nair and Ameet Jani podcast
What’s something cool you’re working on?
Bukola is working on the new season of Security Command Center set to be released next month!
Released:
Jul 21, 2021
Format:
Podcast episode
Titles in the series (100)
Amazing Demos from GCP Next with Instrument: In the twenty first episode of this podcast, your hosts Francesc and Mark interview three of the engineers at Instrument, responsible for some of the amazing demos at GCP Next. by Google Cloud Platform Podcast