Join host Viktor Petersson as he sits down with Marc Pous of Balena to explore the ever-evolving world of IoT, from remote management and fleet updates to security legislation and software bills of materials (SBOMs). Marc reveals how Balena pioneered container-based deployments on devices like Raspberry Pi, explains why over-the-air (OTA) updates are critical for any hardware project, and offers insights into upcoming regulations such as the Cyber Resilience Act (CRA). Discover why IoT is quickly becoming "just connected products," how businesses can adapt to this new era, and why it's time to rethink everything from SD cards to DevOps workflows. Whether you're an IoT veteran or curious about the future of connected tech, this episode offers a deep dive into managing devices at scale and keeping them secure.

28 FEB • 2025 1 hour 4 mins

In this episode, I sat down with Dustin Kirkland to discuss the critical topic of supply chain security and the innovative work being done at Chainguard. We delved into the concept of zero-CVE containers, exploring how this approach is revolutionizing container security. Dustin shared insights on modern supply chain threats, the importance of software bill of materials (SBOM), and practical strategies for maintaining secure container environments. The conversation covered both the technical challenges and solutions in today's rapidly evolving security landscape.

14 FEB • 2025 59 mins

In my conversation with Warren Houghton, he showed exactly how a penetration test unfolds: starting with scoping and permission paperwork, then moving into reconnaissance and tooling. He demonstrated how a tester uses Kali Linux alongside Nmap for port scanning, Metasploit for exploiting vulnerabilities, and Burp Suite for intercepting and manipulating web traffic. He also highlighted the risks of overlooked exposures—like a public .git directory or outdated WordPress plugins—and stressed how secure configurations and network segmentation can prevent lateral movement. Throughout, he emphasized the constant need for learning and vigilance against ever-evolving threats.

31 JAN • 2025 1 hour 1 min

In my conversation with Kate Stewart and Gary O'Neall, we explore the evolution and impact of SPDX in software transparency. From its origins in license compliance to its current role in security and vulnerability tracking, we unpack how this open standard is shaping modern software development practices. The discussion reveals fascinating insights into SBOM generation challenges and how SPDX 3.0 is being designed to meet the demands of today's CI/CD environments.

16 JAN • 2025 50 mins

I explore the technical depths of ZFS and FreeBSD with Allan Jude, diving into everything from filesystem architecture to operating system development. From copy-on-write design to advanced storage capabilities, we unpack what makes these technologies crucial for modern infrastructure.

01 DEC • 2024 1 hour 18 mins