Last updated at Wed, 11 May 2022 14:41:31 GMT

In this episode of Security Nation, Jen and Tod chat with Kate Stewart, VP of Dependable Embedded Systems at the Linux Foundation, about the open-source security projects she’s working on, including the Zephyr project. They chat about strategies for dealing with bugs and vulnerabilities in today's complex tech landscape, including the much talked-about software bill of materials (SBOM), so we can reap the benefits of open source while avoiding the downsides as much as possible.

Stick around for our Rapid Rundown, where Tod and Jen talk about a recent piece of news in the open-source community: A developer used the “event-source-polyfill” npm package to write a piece of “protestware” decrying Russia’s aggression in Ukraine. They also pay homage to healthcare cybersecurity stalwart Mike Murray, who recently passed away.

Kate Stewart

Kate Stewart works with the safety, security, and license compliance communities to advance the adoption of best practices into embedded open-source projects. With over 30 years of experience in the software industry, she has held a variety of roles and worked as a developer in Canada, Australia, and the US and for the last 20 years has managed international software development teams and activities. Kate was one of the founders of SPDX and is currently the specification coordinator. She is also the co-lead for the NTIA SBOM formats and tooling working group. Since joining The Linux Foundation, she has launched the ELISA and Zephyr Projects among others, as well as supporting other embedded projects.

Show notes

Interview links

Rapid Rundown links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Want More Inspiring Stories From the Security Community?

Subscribe to Security Nation Today