Programming Throwdown educates Computer Scientists and Software Engineers on a cavalcade of programming and tech topics. Every show will cover a new programming language, so listeners will be able to speak intelligently about any programming language.
…
continue reading
Content provided by Bret Fisher. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bret Fisher or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to DevOps and Docker Talk: Cloud Native Interviews and Tooling
A podcast about web design and development.
…
continue reading
Technical interviews about software topics.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Tempers fly as the newsmakers of the week face-off in this award-winning show. Anchored by Sanket Upadhyay, this weekly program has politicians battlling wits with a live audience.
…
continue reading
It's not just Google. This Week in Google hosts, Leo Laporte, Jeff Jarvis, and Paris Martineau, cover all of Big Tech every Wednesday. Listeners tune in for thought-provoking and entertaining conversations about AI, Internet memes, the future of media, and the latest emerging tech. You won't want to miss a minute. Records live every Wednesday at 5:00pm Eastern / 2:00pm Pacific / 21:00 UTC.
…
continue reading
TED is a nonprofit devoted to ideas worth spreading. On this video feed, you'll find TED Talks to inspire, intrigue and stir the imagination from some of the world's leading thinkers and doers, speaking from the stage at TED conferences, TEDx events and partner events around the world. This podcast is also available in high-def video and audio-only formats.
…
continue reading
Do your eyes glaze over when looking at a long list of annual health insurance enrollment options – or maybe while you’re trying to calculate how much you owe the IRS? You might be wondering the same thing we are: Where’s the guidebook for all of this grown-up stuff? Whether opening a bank account, refinancing student loans, or purchasing car insurance (...um, can we just roll the dice without it?), we’re just as confused as you are. Enter: “Grown-Up Stuff: How to Adult” a podcast dedicated ...
…
continue reading
Software’s best weekly news brief, deep technical interviews & talk show.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Chainguard: Building Secure Container Images
Manage episode 416143288 series 2483573
Content provided by Bret Fisher. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bret Fisher or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Bret and Nirmal are joined by Dan Lorenc from Chainguard to walk them through Chainguard's approach to building secure, minimal container images for popular open source software.
They discuss why it is important to have secure and minimal container images. Dan explains how Chainguard helps remove the pain of CVEs, laggy software updates and patches and much more. Chainguard is now available also on Docker Hub.
They spend the first part of the show talking about the week's big news: the XZ supply chain attack, and Dan was the best man to explain it. They also touch on CVEs, things you can do to reduce the attack surface, SLSA, and more during this jam-packed show.
Be sure to check out the live recording of the complete show from April 4, 2024 on YouTube (Ep. 261).
★Topics★
Chainguard Website
Vulnerability Management Certification course
True Cost of Vulnerability Management
Chainguard Images
Chainguard on Docker Hub Announcement
Creators & Guests
- Cristi Cotovan - Editor
- Beth Fisher - Producer
- Bret Fisher - Host
- Nirmal Mehta - Host
- Dan Lorenc - Guest
- (00:00) - Intro
- (05:14) - Dan's Take on the XZ Hack
- (14:59) - Chainguard Distro Creation
- (21:21) - Chainguard in Docker Hub Announcement
- (24:26) - Free Images vs Private Images
- (26:27) - Zero CVE Approach
- (28:33) - Ways to Reduce Attack Surfaces
- (39:56) - Chainguard Academy
- (41:08) - Real Time Antivirus Malware Scanner
- (43:52) - Google Distro Lists Worth Using
- (45:56) - Chainguard for Buildpacks
- (46:20) - SLSA
- (56:08) - What's Next for Chainguard?
- (56:52) - Getting Started with Chainguard
You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!
Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
165 episodes
Share
Manage episode 416143288 series 2483573
Content provided by Bret Fisher. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bret Fisher or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Bret and Nirmal are joined by Dan Lorenc from Chainguard to walk them through Chainguard's approach to building secure, minimal container images for popular open source software.
They discuss why it is important to have secure and minimal container images. Dan explains how Chainguard helps remove the pain of CVEs, laggy software updates and patches and much more. Chainguard is now available also on Docker Hub.
They spend the first part of the show talking about the week's big news: the XZ supply chain attack, and Dan was the best man to explain it. They also touch on CVEs, things you can do to reduce the attack surface, SLSA, and more during this jam-packed show.
Be sure to check out the live recording of the complete show from April 4, 2024 on YouTube (Ep. 261).
★Topics★
Chainguard Website
Vulnerability Management Certification course
True Cost of Vulnerability Management
Chainguard Images
Chainguard on Docker Hub Announcement
Creators & Guests
- Cristi Cotovan - Editor
- Beth Fisher - Producer
- Bret Fisher - Host
- Nirmal Mehta - Host
- Dan Lorenc - Guest
- (00:00) - Intro
- (05:14) - Dan's Take on the XZ Hack
- (14:59) - Chainguard Distro Creation
- (21:21) - Chainguard in Docker Hub Announcement
- (24:26) - Free Images vs Private Images
- (26:27) - Zero CVE Approach
- (28:33) - Ways to Reduce Attack Surfaces
- (39:56) - Chainguard Academy
- (41:08) - Real Time Antivirus Malware Scanner
- (43:52) - Google Distro Lists Worth Using
- (45:56) - Chainguard for Buildpacks
- (46:20) - SLSA
- (56:08) - What's Next for Chainguard?
- (56:52) - Getting Started with Chainguard
You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!
Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
165 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to DevOps and Docker Talk: Cloud Native Interviews and Tooling
Programming Throwdown educates Computer Scientists and Software Engineers on a cavalcade of programming and tech topics. Every show will cover a new programming language, so listeners will be able to speak intelligently about any programming language.
…
continue reading
A podcast about web design and development.
…
continue reading
Technical interviews about software topics.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Tempers fly as the newsmakers of the week face-off in this award-winning show. Anchored by Sanket Upadhyay, this weekly program has politicians battlling wits with a live audience.
…
continue reading
It's not just Google. This Week in Google hosts, Leo Laporte, Jeff Jarvis, and Paris Martineau, cover all of Big Tech every Wednesday. Listeners tune in for thought-provoking and entertaining conversations about AI, Internet memes, the future of media, and the latest emerging tech. You won't want to miss a minute. Records live every Wednesday at 5:00pm Eastern / 2:00pm Pacific / 21:00 UTC.
…
continue reading
TED is a nonprofit devoted to ideas worth spreading. On this video feed, you'll find TED Talks to inspire, intrigue and stir the imagination from some of the world's leading thinkers and doers, speaking from the stage at TED conferences, TEDx events and partner events around the world. This podcast is also available in high-def video and audio-only formats.
…
continue reading
Do your eyes glaze over when looking at a long list of annual health insurance enrollment options – or maybe while you’re trying to calculate how much you owe the IRS? You might be wondering the same thing we are: Where’s the guidebook for all of this grown-up stuff? Whether opening a bank account, refinancing student loans, or purchasing car insurance (...um, can we just roll the dice without it?), we’re just as confused as you are. Enter: “Grown-Up Stuff: How to Adult” a podcast dedicated ...
…
continue reading
Software’s best weekly news brief, deep technical interviews & talk show.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
