In the final installment of Season 4 of Security Nation, Jen and Tod sit down with Chris John Riley, senior security engineer at Google and co-host of the First Impressions podcast (the one about cybersecurity, not Jane Austen). They chat about Minimum Viable Secure Product (MVSP), a set of controls from Google, Salesforce, Slack, and Okta that Chris recently helped develop. MVSP aims to provide a better baseline for security when evaluating vendor risk. They discuss the state of supply chain security for technology vendors and the challenges of establishing what really qualifies as “minimum” in terms of security protocols.

Stick around for our Rapid Rundown, where Tod and Jen talk about a recently disclosed DNS rebinding vulnerability in Sky routers that exposed them to takeover attacks over the course of a whopping 17 months.

Check back in with us for Season 5 of Security Nation in January. In the meantime, have a safe holiday and a happy New Year!​

Chris John Riley

Chris John Riley is a Senior Security Engineer at Google, where he is tech lead for the vendor reviews focus area.

In his spare time, Chris collects books (that he never finds time to read) and spends his weekend taking long romantic walks from the sofa to the kitchen (mostly for snacks).

Show notes

Interview links

Rapid Rundown links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Want More Inspiring Stories From the Security Community?

Subscribe to Security Nation Today