InfoQ Homepage Software Supply Chain Content on InfoQ

Podcasts

RSS Feed

About this Podcast

Intended for architects and senior developers.

DevOps

Implement the EU Cyber Resilience Act's Requirements to Strengthen Your Software Project

Eddie Knight, OSPO lead at Sonatype, discusses how the EU Cyber Resilience Act can help with improving your software project’s security and in the same time to slow down the alarming acceleration of software supply chain attacks.

Eddie Knight
on Apr 21, 2025

Icon

40:38
AI, ML & Data Engineering

Generally AI Episode 4: Sold out!

In this episode of Generally AI, Meertens and Alford explore the theme of "sold out" and delve into the world of GPUs, hot sauce, and beer. The hosts cover CUDA-enabled GPUs and parallel programming patterns, then explore the parallels between the scarcity of GPUs and Sriracha hot sauce; the historical context of GPU shortages; and how beer and college students can model supply chain dynamics.

Anthony Alford Roland Meertens
on Feb 14, 2024

Icon

49:11
Architecture & Design

Tracy Miranda on Secure Supply Chains, SBOMs, and SLSA

In this episode, Tracy Miranda, a leader in the secure software supply chain domain, sat down with InfoQ podcast co-host Daniel Bryant and discussed the current state of the industry. Topics covered included the benefits of SBOMs and SLSA, getting started with generating SBOMs, and how developers should work with leadership when evaluating their organization’s security posture.

Tracy Miranda
on Sep 18, 2023

Icon

24:20
Sponsored Content by

Icon
Architecture & Design

Kim Lewandowski and Michael Lieberman on Securing the Software Supply Chain with SLSA

Charles Humble talks to Kim Lewandowski and Michael Lieberman about the SLSA framework. They discuss why the software supply chain is under growing attack, explore the key ideas in SLSA and its connection to Google’s Binary Authentication for Borg, and think about how the framework might evolve.

Kim Lewandowski Michael Lieberman
on Jun 06, 2022

Icon

27:20
Sponsored Content by

Icon

About this Podcast

Discussions on intentional corporate culture and software management approaches.

Culture & Methods

Investing in Open Source: The Open Source Pledge and Why it Matters

In this podcast, Shane Hastie, Lead Editor for Culture & Methods, spoke to Chad Whitacre about the Open Source Pledge, an initiative to encourage companies to financially support open-source maintainers to ensure the sustainability and security of the software they depend on. The goal is to address the social contract within open source, where companies benefit from freely available software.

Chad Whitacre
on Mar 07, 2025

Icon

16:00
Culture & Methods

Vulnerabilities and Risks in the Software Supply Chain

Shane Hastie spoke to Brian Fox of Sonatype about vulnerabilities and risks inherent in the modern software supply chain and how to overcome them.

Brian Fox
on Apr 22, 2022

Icon

27:21
Sponsored Content by

Icon

Unlock the full InfoQ experience

Don't have an InfoQ account?

Topics

Making Augmented Reality Accessible: A Case Study of Lens in Maps

Designing for Defense: Architecting APIs with Zero Trust Principles

AI Agents & LLMs: Scaling the Next Wave of Automation

Building a Product-First Engineering Culture in the Age of AI

One Network: Cloud-Agnostic Service and Policy-Oriented Network Architecture

Helpful links

Choose your language

Podcasts

About this Podcast

Implement the EU Cyber Resilience Act's Requirements to Strengthen Your Software Project

Generally AI Episode 4: Sold out!

Tracy Miranda on Secure Supply Chains, SBOMs, and SLSA

Kim Lewandowski and Michael Lieberman on Securing the Software Supply Chain with SLSA

About this Podcast

Investing in Open Source: The Open Source Pledge and Why it Matters

Vulnerabilities and Risks in the Software Supply Chain

Making Augmented Reality Accessible: A Case Study of Lens in Maps

From C to Rust: inside Meta’s Developer-Led Messaging Migration

Effective Practices for Coding with a Chat-Based AI

Designing for Defense: Architecting APIs with Zero Trust Principles

Optimizing Search Systems: Balancing Speed, Relevance, and Scalability

Guardian's Secure Messaging: Open Source Messaging Uses Millions of App Users as Traffic Cover

Building a Product-First Engineering Culture in the Age of AI

How to Build Secure Software without Sacrificing Productivity

From Legacy to Value: Building Digital Banking Products Across Central and Eastern Europe

Inaugural MCP Dev Summit Charts AI Integration's Future

Google DeepMind Announces Robotics Foundation Model Gemini Robotics On-Device

Hugging Face Launches Reachy Mini Robots for Human-Robot Interaction

Docker Expands Compose for Agent Development and Ties in Cloud Offload Support

Microsoft Launches Azure DevOps MCP Server in Public Preview

Docker Desktop 4.42 Launches with Native IPv6, Integrated MCP Toolkit, and AI Model Packaging

InfoQ Dev Summit Munich

QCon San Francisco

QCon AI New York

QCon London

InfoQ Software Architects' Newsletter

Podcasts

About this Podcast

About this Podcast