Dan Lorenc on fixing the 'crappy' CVE ecosystem
Episode sponsors: - Binarly, the firmware security experts (https://binarly.io) - FwHunt (https://fwhunt.run) Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding rounds and VC expectations, fixing the "crappy" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.
Audio is streamed directly from the publisher (aphid.fireside.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding rounds and VC expectations, fixing the "crappy" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.
Links:
- SBOMs - All the right ingredients, but something is still missing
- Open Source Development Threatened in Europe
- Chainguard Images: Reduce your attack surface
- Dan Lorenc on LinkedIn
- Dan Lorenc on Twitter/X
- Chainguard Raises $61 Million Series B
- Binarly -- Firmware Supply Chain Security Platform — Binarly is the world's first automated firmware supply chain security platform. Using cutting-edge techniques, Binarly identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.