In this episode of the HackerNoon Podcast, Amy Tom sits down with Ilkka Turunen to talk about Supply Chain Security. They go over the Log4J incident that made a lot of apps built-in Java vulnerable to exploitation, what it means to be a field CTO, how companies can place themselves to collect user feedback, and a lot more!
 
Ilkka Turunen is the Field CTO of https://www.sonatype.com/ (Sonatype).
 
On this episode of the HackerNoon Podcast, Amy Tom and Ilkka Turunen chat about:
What is a field CTO anyways? 🤔 (01:20)
How do you stay in the loop on customer needs and feedback? ➿ (05:19)
How has Ikka’s job as a field CTO changed since the pandemic started? 😷 (07:30)
Supply chain attacks have increased since the pandemic started. How have Sonatype’s customers and the business changed over this period? 🧰 (08:53)
Breaking down how the executive order by Biden’s administration regarding supply chains is affecting the software industry ⚙️ (10:06)
What is the best way to mitigate supply chain risk? ⚠️ (11:49)
Getting into vendor due diligence as mitigation of supply chain risk 🚩(17:22)
Learnings from the Log4J incident 📝 (22:44)
Why are 40% of Log4J downloads still the old vulnerable versions? ☢️ (25:47)

 
Log4J vulnerability resource center:
https://www.sonatype.com/resources/log4j-vulnerability-resource-center

 
Find Ilkka Turunen online:
https://twitter.com/llkkaT

 
Learn more about HackerNoon:
To read HackerNoon stories, check out hackernoon.com
To apply for a position, check out https://careers.hackernoon.com/
To participate in HackerNoon writing contests, check out https://hackernoon.com/u/hackernooncontests

 

Ver todos los episodios