Episode 19

Sunburst and Securing Your Supply Chain

February 18th, 2021

30 mins 47 secs

Link with Timestamp

Download MP3 (25.3 MB)

Your Hosts
Tags
hack russia windows tidelift michael d. watkins first 90 days 30-60-90 orion solar winds solarwinds solarburst agile open tech open-tech brandon johnson red hat technology career sudo show eric the it guy itguyeric it guy open source opensource enterprise cloud devops it

About this Episode

Today, Brandon and Eric take a look Solarburst, the Solar Winds vulnerability that led to one of the biggest breaches in years. You'll get their take on the impact as well as stop by the Productivity Corner to discuss 30-60-90. All that and more on this episode of the Sudo Show!

Destination Linux Network
Sudo Show Website
Sponsor: Digital Ocean
Sponsor: Bitwarden
Sudo Show Swag UPDATED!

Contact Us:
DLN Discourse
Email Us!
Matrix: +sudoshow:matrix.org

Digital Ocean: Jump Start Your Startup with DigitalOcean App Platform

SolarWinds
OpenNMS
Fireeye

Sunburst:
Arstechnica: Feds Wrn that Solarwinds Hackers Likely Used Other Ways to Breach Networks
Arstechnica: Microsoft is Reportly Added to the Growing List of Victims
ZDNet: The More We Learn the Worse It Looks
CNN: US Officials Scramble to Deal with Suspected Russian Hack of Government Agencies

Open Source Hacks:
Mint: Beware of Hacked ISOs
Fossbyes: Fake Kodi Repos Hijack GitHub
The Register: Leaky S3 Buckets

Protecting Your Supply Chain:
Docker Certification Program
ReproducibleBuilds.Org
Tidelift
Linux Foundation: Preventing Supply Chain Attacks Like Solarwinds
Open Source Security Foundation
Palo Alto: What is a Zero Trust Architecture
GitHub: Third Party Code Scanning
GitLab: Dependency Scanning

Productivity Corner: 30-60-90
Amazon: The First 90 Days, Michael D. Watkins
Disclaimer, this is an Affiliate link. A percentage of your purchase will go to support the Sudo Show!