Podcast: The Security Repo
Episode: Supply Chain Warfare: CI/CD Threats and Open Source Security with François Proulx
Description: In this episode of the Security Repo Podcast, François Proulx, VP of Security Research at Boost Security, discusses the evolving threats in software supply chain security, particularly focusing on attacks targeting CI/CD pipelines. He explains how open source tools like "Poutine" are being used both defensively and offensively in the ongoing battle to secure build systems. François also shares his journey into security, lessons from working at Intel, and practical advice on dependency pinning, short-lived credentials, and pas...