All 2025 Episodes
Gemara w/ Naseer Mohammed
Monday, August 25, 2025
--- Switching up the roles this time, Naseer Mohammed from Google Cloud hits me with questions about OpenSSF’s Gemara project (the GRC Engineering Model for Automated Risk Assessments). You can check out the latest from the Gemara project at …
Common Cloud Controls w/ Rob Moffat
Monday, August 18, 2025
Rob and I recorded today after our weekly sync, to give listeners a quick introduction to the FINOS Common Cloud Controls project, and some of its latest progress. You can check out the latest from the CCC project at https://ccc.finos.org
CNCF's TAG Security & Compliance w/ Brandt Keller
Tuesday, August 12, 2025
Brandt Keller sat down with me to chat through the latest efforts happening in CNCF’s Technical Advisory Group for Security and Compliance. Brandt is a CNCF Ambassador, Technical Lead of CNCF’s TAG Security & Compliance, and Software …
Baseline w/ Ben Cotton
Saturday, August 09, 2025
After a particularly lengthy working session preparing for the next release of the Open Source Project Security Baseline, Ben and I stop to drop some general knowledge and updates about that initiative. Ben is the Open Source Community Lead at …