))
In our world today, technology plays an increasingly significant role in shaping our lives. The way we communicate, work, and even entertain ourselves is being revolutionized by tech. Behind every innovation, there's a person, a human being with unique experiences, perspectives and challenges. Understanding what shaped their perspective is a real goal. From The Sourced Network remote offices in Camp Hill, Pennsylvania, welcome to Real Technologists. Each week we explore the genuine stories a ...
…
continue reading
Wondering what all the hype about Software Bill of Materials or SBOMs is? They’ve become a regular talking point when discussing the composition of software, and if you haven’t heard of them yet, you surely will soon. Join DJ Schleen as he interviews experts who shed light on what Software Bill of Materials are, how they are used by organizations to exchange information on software composition, and the effect they will have on consumers of software from large organizations to government agen ...
…
continue reading
Trac Bannon: It's so crazy how I meet many of the Real Technologists. Sometimes it's through professional meetings, other times it's through LinkedIn. No doubt you've heard of a game called 'Six Degrees of Kevin Bacon.' It demonstrates the concept of six degrees of separation, which suggests that any two people on earth are six or fewer social conn…
…
continue reading
I generally don't make cold calls, at least when it comes to inviting folks to be on Real Technologists. Jess Szmajda and I crossed paths through our online cybersecurity and cloud computing networks. She's a general manager at AWS leading Network Firewall and Firewall management business. Previously, she was the GM for the VPN practice. With her o…
…
continue reading
We are approaching the midway point for Season 2 of Real Technologists. Senior, Pokie, and I wanted to take a moment to thank you and reflect on the past year. During Season 1, we learned that our eyes were bigger than our stomachs, so to speak. We had decided on an aggressive schedule of weekly podcasts. And like our guests, we learned a big lesso…
…
continue reading
Trac Bannon: When Julie Holdren, co founder of DC based Watering Hole AI joined our call, I immediately noticed stylish designer glasses with a popped collar. That lasted for only a few moments. Julie had a ton of connection and bandwidth issues. So after disconnecting and switching networks, Senior asked Julie and I to talk "cameras off". I'm glad…
…
continue reading
Trac Bannon: John Kaufhold is one of those super smart people... you know the ones... when you read their LinkedIn profile and do a little googling, their achievements and academic records are phenomenal. I was initially a bit shy about reaching out to talk with him. I'm a techie. I'm not a data scientist though I'd like to think that I'm math and …
…
continue reading
Trac Bannon: A few years ago, I was introduced to Helen Beal through our work with the DevOps Institute. Helen was the Chief Ambassador and I was submitting my credentials for consideration as an ambassador. We are both combed-shaped people and naturally had so many topics and passion areas to talk about. What is a comb-shaped person, you may ask? …
…
continue reading
🎙️ Free access to “Real Technologists” on your favorite podcast platforms: bit.ly/realtech-on-all-podcast-platforms 📌 Bob: Ok, Trac , let’s check your levels Trac: Check 1-2, Check 1-2, Season 1 Episode 20, Check 1-2 Bob: Ok, levels sound great; make sure you are set to record individual tracks Trac: Roger, got it. Bob: Ok, I’ll fade out and see yo…
…
continue reading
Doing our normal timeboxed guest research on SBI's Chief Technology Officer, Tracy Edwards, was both difficult and curious. Why curious? Prior to 2018, this Tracy Edwards spent her career more focused on humans and not technology. Once exposed to the idea of product management and bridging the divide between business and tech, she completely reinve…
…
continue reading
I'm noticing a few core traits in the many guests I've hosted for the Real Technologist podcast. Authenticity and a willingness to say yes. This rings true for guest Jonathan Rivers. He was recommended to me as somebody who absolutely is passionate about making opportunities for others. Talking with each guest is filled with surprises and challenge…
…
continue reading
1
Lauren Hanford on Add TACOS to your SBOM Combo Platter
25:28
25:28
Play later
Play later
Lists
Like
Liked
25:28
Remember the X-Files television show? Dana Scully was one of the main characters - a brilliant FBI agent who worked on unsolved cases involving paranormal phenomena. Often skeptical of the supernatural, she was always willing to keep an open mind, and she was also a great role model. She inspired many women in Technology, one of them being Lauren H…
…
continue reading
The incredible Jennifer Ives has become a champion for the Real Technologist podcast. She's been introducing me to an Uber broad set of deep technical experts of all different shapes and sizes. Given Jennifer's depth in AI and her new company, Watering Hole AI, it came as no surprise when she introduced me to Dr. Rebecca Bilbro. Dr. Bilbro is the f…
…
continue reading
1
Hasan Yasar on The Multiverse of SBOM Phases
28:56
28:56
Play later
Play later
Lists
Like
Liked
28:56
There's no better way to get to know someone than staying awake for 24 hours straight while moderating sessions of the world's biggest virtual DevOps conference - All Day DevOps. It's One of the many times I've gotten to spend with Hasan Yasar over the years. We were hunkered down in an office in Tyson's Corner, just outside of Washington, DC, broa…
…
continue reading
Leyla Samiee is another amazing real technologist that I met through Shutterstock CTO, Sejal Amin. Lately, I've been pretty amazed watching how networks grow organically and even more excited at the incredible humans willing to share their true stories, their genuine journeys. Genuine is probably the most descriptive, single word I can use to descr…
…
continue reading
I was introduced to Jennifer Ives through a mutual colleague, Sejal Amin. Sejal is one of the growing alumni of the Real Technologist podcast. Sagel and I were discussing how to move the needle from mentoring to refocusing on sponsoring others. What's the difference? Mentoring is often talking, teaching and strategizing. Sponsoring means taking ste…
…
continue reading
1
Trac Bannon on the connection between Generative AI, LLM and SBOMs
27:25
27:25
Play later
Play later
Lists
Like
Liked
27:25
I'll never forget the day I met Tracy, although I really think we were actually separated at birth. We were scheduled to be on a podcast together and after introducing ourselves to each other in the call lobby, we began a discussion that most likely would've gone on forever at the host, not interrupted us to get the show started. It turns out we bo…
…
continue reading
Trac Bannon: To be honest, I don't remember when or how I was introduced to Duena Blomstrom. I do know that throughout the lockdowns, we began randomly hopping on calls together and chatting. It really helped us navigate the seeming melees that embrace the globe during the lockdowns. We are constantly finding strong deep topics that focus on humans…
…
continue reading
1
Philippe Ombredanne on SBOMs, SCA and PURLs. Oh my!
35:55
35:55
Play later
Play later
Lists
Like
Liked
35:55
It must have been a year or so ago when I was looking for an open source vulnerability scanner to use in a project I was working on. As I scoured the internet, I stumbled upon a project called "VulnerableCode" - a server that could run locally and would return vulnerability information if you called its API and gave it a Purl. What's a Purl? It's a…
…
continue reading
1
Tim Miller on Do You Want Some GUAC with that SLSA?
29:44
29:44
Play later
Play later
Lists
Like
Liked
29:44
I read an interesting post on Twitter the other day about Software Bill of Materials. The author said "SBOMs promise a picture of what lies beneath the surface of software, but without large scale automated binary analysis, at best, they reflect intent not reality. As a result, relying on them is like being an explorer without a compass." The autho…
…
continue reading
My friend and mentor, Mark Miller, recently introduced me to Shannon Lietz. She joined our global journalist pool for a cybersecurity and open source podcast called "It's 5:05." Mark gushed about Shannon going as far as saying, Shannon coined the term DevSecOps. Okay. To be fair, everyone knows Patrick Debaux coined DevOps, but neither Google nor C…
…
continue reading
1
Dan Walsh on Practical Use from a CISO in Healthcare
26:15
26:15
Play later
Play later
Lists
Like
Liked
26:15
Every one of us has a few of those people in our lives that change the trajectory of our careers, and for me, Dan Walsh is one of them. It was just a few weeks after the world shut down during the pandemic when I was introduced to Dan by a mutual friend of ours - Aaron Rinehart - after Aaron heard I was looking for my next big adventure. He introdu…
…
continue reading
1
Brian Reed on Reverse Engineering Software with SBOM
21:18
21:18
Play later
Play later
Lists
Like
Liked
21:18
I remember being pushed back into my seat with a force I had never felt before. It was the first time I had ever been in an electric car, and Brian Reed was at the steering wheel with this big smile on his face as we went from 0 to 60 in about 3 seconds. It was just one of the many memorable experiences that I've had while spending time with Brian …
…
continue reading
It's kind of funny, our first conversation was when I was a guest on Chris and Nikki's podcast called Resilient Cyber. How did they meet? Well, the same way that I met Chris Hughes, on LinkedIn. Yep. It is a real thing. We met on a professional social networking platform. For about two years, we've floated in and out of each other's networks and ha…
…
continue reading
Earlier this year I had the opportunity to attend a software supply chain summit and meet Lisa Bradley, Senior Director of Product and Application Security at Dell. Lisa had a point of view that was different from the people I talked to about SBOMs in the past. It was big picture practical view of how to implement an SBOM initiative at scale - for …
…
continue reading
1
The journey so far, the things we’ve learned
15:26
15:26
Play later
Play later
Lists
Like
Liked
15:26
Trac Bannon: I've got to share with you that I did not expect the Real Technologist podcast to stretch me in so many dimensions. And if I'm being genuinely open and honest, there was no way to anticipate the impact on my husband, my sound engineer, my best friend, Bob. You see, Bob joins each recording session to check on our sound levels. He also …
…
continue reading
I often can't get over how small the world actually is. Earlier this year, I attended the Second Annual SBOM meetup after the first day of the RSA conference. The venue was at a little bar on Minna Street, tucked away underneath the skyscrapers of San Francisco. The bar was filled with quite a few familiar faces and after grabbing a cold beer, a ha…
…
continue reading
1
Brian Fox and the Creation of Open Source Repos
30:16
30:16
Play later
Play later
Lists
Like
Liked
30:16
As the video connects I see Brian Fox, sitting in front of a collection of model spacecraft which adorn the shelves behind him. It's a fitting backdrop for a conversation about the genesis of the software supply chain problem, and how exploration and discovery has led us to where we are as an industry today. Think about this, it all started when we…
…
continue reading
You would think that as a software architect that focuses on DevSecOps and being secure by design, that I would've attended an RSA conference before 2022. What is RSAC? It's the preeminent cybersecurity conference in the world. 2022 was my first, and I was hooked from the time I landed. This conference is known for its sense of community and inclus…
…
continue reading
1
Chris Hughes on Government and Cybersecurity: Where do we stand?
21:03
21:03
Play later
Play later
Lists
Like
Liked
21:03
I’m not the most active user of any social networking platform, but when I do engage it’s normally on LinkedIn - and the first thing I usually see is a great article, video, or post from Chris Hughes. He’s a content machine - an active podcaster, and I can tell you that when his upcoming book "Software Transparency," is released, I’ll be the first …
…
continue reading
I consider Robin Yeman a friend, though our story starts out with me being awestruck after listening to Robin present at the DevOps Enterprise Summit in 2019. She was among an impressive list of speakers that year including Dr. Nicole Forsgren, Rosalind Radcliffe, and Jonathan Smart. In her role as a Senior Technical Fellow at Lockheed Martin, Robi…
…
continue reading
1
What's VEX got to do, got to do with it? - Guest: Steve Springett
23:56
23:56
Play later
Play later
Lists
Like
Liked
23:56
Seems like every time I talk to someone or do research on Software Bill of Materials, I encounter VEX - Vulnerability Exploitability eXchange - and I never really understood what they were used for. I knew they had something to do with understanding the vulnerabilities that exist inside the components we list inside of an SBOM, but why does the for…
…
continue reading
I was introduced to Adrienne Shulman through our mutual involvement with the DevOps community. We had an immediate sense of camaraderie and purpose looking to inspire the next generation of technologists. Adrienne, in particular, is passionate about the need for more women developers. We had lengthy discussions on Slack about different dimensions o…
…
continue reading
1
Where do we put these things? Guest: Daniel Bardenstein
24:31
24:31
Play later
Play later
Lists
Like
Liked
24:31
Back in February, I posted that I was putting together a Podcast to help demystify Software Bill of Materials. Shortly afterwards - a reply appeared from Daniel Bardenstein. It was a simple message where he said that he'd love to talk about operationalizing and deriving value from SBOMs. This piqued my interest - because the question of what we do …
…
continue reading
It’s so interesting to me, how social media platforms and industry groups can facilitate new friendships and enhance networking. We all hear that it is possible, though when you take a step back, how many relationships have you grown this way? It takes deliberate effort and an openness to reach out to others. This is how I met Sejal Amin, the curre…
…
continue reading
1
Behind the scenes with an SPDX Contributor - Guest: Maximillian Huber
20:48
20:48
Play later
Play later
Lists
Like
Liked
20:48
As we continue the journey to unravel the world of Software Bill of Materials, I wanted to talk to a technologist who had been there from the start - and could shed some light on the background of the movement. The search for such a person led me to the South German State of Bavaria, where I found Max Huber. Max has been a contributor to the SPDX p…
…
continue reading
My friend and mentor, Mark Miller, tagged me on a LinkedIn post. Then he shot me a link on Slack a few months ago. His words? “This is someone you have to talk to, Trac” That person? Lani Rosales. Mark was right. I navigated to her LinkedIn profile and found myself laughing aloud. Here is the wildly smart and tech savvy Chief Operating Officer for …
…
continue reading
1
It's all about Trust... Guest: Shannon Lietz
28:15
28:15
Play later
Play later
Lists
Like
Liked
28:15
It was back in early 2017 when an annual tradition started in a hickory smoke filled lounge in San Francisco. I'd found myself at B-55 in the Marriott Marquis sitting around a large table after her day of presentations at the RSA Conference. Surrounding me were some of the originators of DevOps, thought leaders from the Rugged Movement, horseman fr…
…
continue reading
Being a part of a community means investing time to grow the community. You've got to keep a pulse on the voices, ideas, and themes, and look for way to continuously contribute. Sometimes, it could be a blog post, other times, maybe an open dialogue. I was organizing a panel on DevSecOps and CyberSecurity in government and looking for a well balanc…
…
continue reading
A package of Twinkies is a permanent fixture on Allan Friedman's desk, which he holds up to the screen during our conversation. A prime example of the underlying purpose of a Software Bill of Materials. The significance? The ingredient list on the package which lets you know what's inside. I always use the can of beans analogy myself - but the Twin…
…
continue reading
My first exposure to Caroline Wong was in 2021. It was the height of the pandemic lockdowns, and we were brought together virtually, to discuss mentoring in technology. I was instantly drawn to her focus on happiness and on avoiding toxicity. She's wicked smart, having received a degree in electrical engineering and computer science from UC Berkele…
…
continue reading
1
Exchanging BOM data with DBOM - Guest: Chris Blask
24:38
24:38
Play later
Play later
Lists
Like
Liked
24:38
When the video call finally connected, I saw glitching Chris Blask sitting behind a studio mic, and in the background an open door revealed what appeared to be a lake - with sun glistening across the water. For a brief moment, I thought Chris was working near a dock, but in fact, he was actually working on a boat. A boat in the middle of the waterw…
…
continue reading
When I met Katy Craig in 2017, it was in her role as a cyber security pro. She was working for Deloitte focusing on DoD and more specifically, the Navy. Given her cool and matter of fact countenance, she struck me as a natural for identifying and mitigating risk. More importantly was her handling of issues that struck. She is level headed and her d…
…
continue reading
1
The CycloneDx SBOM Format - Guest: Steve Springett
30:35
30:35
Play later
Play later
Lists
Like
Liked
30:35
I'm DJ Schleen and welcome to daBOM. I'm on a journey to demystify Software Bill of Materials and on this podcast I'll be investigating technical, regulatory, and practitioner stories in and around the SBOM and -BOM movement. Along the way you'll meet the people and teams responsible for creating and maintaining the various Software Bill of Materia…
…
continue reading
Today’s software is extremely complex – and with the pervasive use of third-party components, it’s become extremely difficult for anyone to keep track of all the external code in their systems. Pieces of code that aren’t written by your own developers. These components are assembled by engineers and can potentially make up the majority of the softw…
…
continue reading
Full transcript and resources for this episode: https://realtechnologists.org/ Jennifer Leggio is a fixture in the Cybersecurity industry. She's a no-nonsense communicator and that makes her perfect for her role in marketing, security solutions, and building communities. Jennifer has an honest approach to discussing security which has become her tr…
…
continue reading
Full transcript and resources for this episode: https://realtechnologists.org/ I first met Rosalind Radcliffe during the early days of the pandemic. We were both invited guests on a technical panel called DevOps Unbound. Our topic? Exploring the reality of DevOps and compliance. Following usual protocol, the moderator shared the names of the other …
…
continue reading
In our world today, technology plays an increasingly significant role in shaping our lives. The way we communicate, work, and even entertain ourselves is being revolutionized by tech. Behind every innovation, there's a person, a human being with unique experiences, perspectives and challenges. Understanding what shaped their perspective is a real g…
…
continue reading
