DETROIT — Modern software projects’ emphasis on agility and building community has caused a lot of security best practices, developed in the early days of the Linux kernel, to fall by the wayside, according to https://www.linkedin.com/in/aevaonlinean open source veteran of 25 years. https://thenewstack.simplecast.com/episodes/how-do-we-protect-the-software-supply-chain “And now we’re playing catch up,“ said Black, an open source hacker in Microsoft Azure’s Office of the CTO. “A lot of less-than-ideal practices have taken root in the past five years.
https://www.linkedin.com/in/thechrisshort senior developer advocate with https://aws.amazon.com/?utm_content=inline-mention, challenged the notion of “shifting left” and giving developers greater responsibility for security.
A lot of the security problems that plague the software supply chain, Black said, are companies — especially smaller organizations — “just pulling software directly from upstream.