
AIBOM, CBOM, and HBOM with Allan Friedman
Josh chats with Allan Friedman about all things Bill of Materials. Allan did a ton of work to help turn SBOM into what it is today. He has m...
Radio and PodcastLive Radio & Podcasts
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, appl...
Listen to Open Source Security Podcast, a Technology podcast by Open Source Security Podcast. Stream 535 episodes in English, follow new audio stories, and play episodes online on Radio and Podcast.
Browse this show under Technology podcasts.
20 episodes are loaded now from a catalog of 535. More episodes can be opened from this page.
Explore Technology podcasts, United States podcasts and English podcasts.

Josh chats with Allan Friedman about all things Bill of Materials. Allan did a ton of work to help turn SBOM into what it is today. He has m...

Josh welcomes Jordi Boggiano the lead maintainer of Composer and Packagist to explain the truckload of security features they've recently ad...

Josh welcomes Mike Milinkovich and Thabang Mashologu from the Eclipse Foundation to talk about their new managed Open VSX registry. This is...

Josh welcomes back François Proulx to talk about the absolute madness in the CI/CD universe right now. We also learn about François' new pro...

Josh chats with Sal Kimmich about the current state of everything, and what we can expect next. Sal has some incredible insight into what we...

Josh talks to Casey Ellis about why vulnerability disclosure is so hard, and also so important. Casey is one of the best in this space havin...

Josh talks to Hans-Christoph Steiner about F-Droid, the Free and Open Source Android App Repository. The way F-Droid works looks a lot like...

Josh talks to Kat Cosgrove about a how companies should be treating open source more like their critical infrastructure than free stuff. Kat...

Josh and David finish up the disaster recovery and emergency planning trilogy. In this one David tells us how to test the plan he told us ho...

Josh has a discussion with Vlad-Stefan Harbuz about the Open Source Pledge as well as his recent FOSDEM talk. The Open Source Pledge is all...

Josh welcomes back David Bernstein to talk about creating a disaster recover plan. It's a very timely topic given all the current events. Th...

Josh talks to Paul McCarty of Open Source Malware about ... open source malware. Paul explains why there aren't many good open source malwar...

Josh welcomes back Andrew Nesbitt to discuss some recent blog posts he wrote about the challenges of new ecosystems as well as challenges of...

Josh talks to Michael Winser about a talk he gave at FOSDEM as well as his work on Alpha Omega at the Linux Foundation. Michael is approachi...

Josh chats with Brian Fox from Sonatype about their 2026 State of the Software Supply Chain report. Most of the number continue to grow at a...

Josh talks to Luke Hinds, CEO of Always Further, about MCP and agent security. We start out talking about Luke's new tool, nono which is a s...

Josh talks to Paul Kehrer and Alex Gaynor, from the Python Cryptographic Authority. Alex and Paul recently published a statement discuss the...

Josh talks to Sylvestre Ledru about the Rust coreutils project. We've been using GNU coreutils for decades now, and the goal of Rust coreuti...

Josh chats with Brad Axen from Block about his creation Goose as well as the Agentic AI Foundation (AAIF). I am quite skeptical of many AI c...

Josh chats with Olle E. Johansson about the Global Vulnerability Intelligence Platform (GVIP). It's no secret the current vulnerability syst...