Joshua Nicholson Podcasts

51
Cyber Security America

Joshua R Nicholson

Monthly
 
On the front lines of technology and business there is a battle of survival. Behind the scenes, businesses are on a mission to keep a vigilant watch for threats in an ongoing Cyber War. But it's not just about malware, ransomware, and breaches anymore. The obstacles and barriers companies face today are bigger and badder than ever — and these cyber threats are forcing them to prove they're secure for the future. So when you need answers to win the battle, tune into Cyber Security America wit ...
 
Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform to educate both developers and users on how open source security works. There's a lot of good work happening that doesn't get attention because there's no marketing department behind it, they don't have a developer relations team posting on LinkedIn every two hours. Let's focus on those people and teams then learn what they do and how they do it. The goal is ...

1
Brendon Marotta Show

Brendon Marotta

Monthly
 
Brendon Marotta is a filmmaker, author, and speaker. He is best known for his feature-length documentary American Circumcision, which appeared on Netflix. He is the author of multiple books, the next of which explores the treatment of children as a social justice issue.

1
Intersect

EnterTalk

Monthly
 
INTERSECT is a radio interview program that showcases interviews with musicians who were once/or still are prominent Christian music artists, discussing how their encounter with Christ not only influenced the direction and intent of their music, but also the direction and intent of their individual lives. The shows will be interesting, entertaining and inspirational as we learn how these musicians started, their experiences along the way and where they are now as artists and people. Aaron “The ...
 
In episode 45, we sit down with Jasson Casey, CEO and Co-Founder of Beyond Identity, to explore how identity has become the new perimeter in cybersecurity. With over two decades of experience across security, networking, and software-defined infrastructure, Jasson unpacks why traditional defenses are failing and how the next generation of identity …
 
In this conversation, Josh speaks with Mikael Barbero, head of security at the Eclipse Foundation. They discuss the foundation's role in enhancing the security posture of open source projects, the importance of Software Bill of Materials (SBOMs), and the various security services provided to projects. Mikael explains the challenges and strategies i…
 
In episode 44 of Cyber Security America, host Joshua Nicholson sits down with Matthew Waddell, a battle-tested cybersecurity leader with over 25 years of experience in digital forensics, incident response, and ransomware defense. From conducting "just-in-time forensics" under combat conditions in Iraq and Afghanistan to leading global ransomware in…
 
I chat with Joshua Rogers about a blog post he wrote as well as some bugs he submitted to the curl project. Joshua explains how he went searching for some AI tools to help find security bugs, and found out they can work, if you're a competent human. We discuss the challenges of finding effective tools, the importance of human oversight in triaging …
 
Brian Fox discusses the challenges and future of open source package repository infrastructure. We discuss the complexities of managing public registries, the impact of overconsumption, and the importance of sustainable practices in the open source community. Brian tells us how organizations can reduce their footprint and contribute to a more balan…
 
Join us for a conversation with Foxboron (Morten Linderud) and Anthraxx (Levente Polyak), members of the Arch Linux security team. We talk about the difficulties of maintaining a Linux distribution, the challenges of handling CVEs, and the dedication of volunteers who keep the open-source community working (and how overworked those volunteers are).…
 
(…actually, Wesley was a teetotaler so not possible.) Ladies and gentlemen, the Provcrew is at war. “Can you be a Wesleyan Protestant and a Christian realist?” The battle lines are drawn. Providence editor Mark Tooley, a Methodist Christian realist, says yes; editor at large Robert Nicholson, a non-Methodist who knows about John Wesley’s optimistic t…
 
🎙 Inside the World of Cybersecurity with Steve Stasiukonis Tune in to the latest episode of Cyber Security America as we explore real-world solutions for defending against today's ever-evolving cyber threats. Our guest, Steve Stasiukonis, President of Secure Network Technologies, brings over 29 years of experience in penetration testing, informatio…
 
I discuss all things OpenSSL with Hana Andersen and Anton Arapov from the OpenSSL Corporation. Discover the intricacies of organizing the first-ever OpenSSL conference in Prague, the importance of post-quantum cryptography, and the evolution of OpenSSL from a small team to a global community. Whether you're a seasoned cryptographer or just curious …
 
The shocking assassination of Charlie Kirk is a wakeup call for Americans of every stripe. What is happening to our society? How can we fix it—and where do we start? In a fascinating conversation with Wilfred McClay and Stuart Halpern, authors of a new book entitled The Jewish Roots of American Liberty: The Impact of Hebraic Ideas on the American S…
 
In this episode I discuss the Python Software Foundation with Deb Nicholson. We discuss their contributions to the Python programming community. Learn how this dedicated organization supports the growth and innovation of Python, fostering an ecosystem for developers worldwide. Everything from funding open-source projects to organizing community events, …
 
In our latest Cybersecurity America episode (42), I had the privilege of speaking with Jim Goepel, a true leader in cybersecurity and compliance — and someone who has helped shape the very ecosystem he now advises. Jim is the CEO of Fathom Cyber, a consulting firm in North Wales, PA specializing in: 🔹 CMMC assessment preparation 🔹 CUI education and…
 
In this episode, we discuss the information system mapping tool Mercator with Didier Barzin, a CISO at a hospital in Luxembourg. Discover how Mercator revolutionizes the way organizations map their complex information systems. From hospitals to universities and even the banking sector, Mercator helps manage and protect vast networks by creating dynamic, co…
 
In a weird twist of history, the United States has spent the bulk of its diplomatic energy everywhere but its own backyard: the Western Hemisphere. President Trump has vowed to change that, wisely re-prioritizing Latin America after years of neglect, but may be undermining his chances of success with a counterproductive tariff policy that (ironical…
 
In this episode, I discuss the security features of Talos Linux with Andrey Smirnov. Andrey explains how Talos focuses on its immutability and minimal attack surface. Discover how these enhancements fortify your systems against vulnerabilities, ensuring a secure and resilient infrastructure. Join us as we explore the security advancements that…
 
In this episode I chat with the authors of a recent paper on open source security: Open Source, Open Threats? Investigating Security Challenges in Open-Source Software. I chat with Ali Akhavani and Behzad Ousat about their findings. There are interesting data points in the paper such as a 98% increase in reported vulnerabilities compared to a 25% g…
 
In this episode of the Cybersecurity America Podcast, sponsored by DarkStack7, host Joshua Nicholson sits down with Nia Luckey — Army veteran, published author, and cybersecurity leader — to talk about her powerful journey from military service to the frontlines of cyber defense. Nia shares lessons on resilience, leadership, and transitioning from …
 
In an essay commemorating the end of World War II, Providence editor Dr. Paul Miller argues that increased global anarchy and democratic decline are pushing US towards another global war. “The question is not whether there will be conflict,” Miller writes, “but when, what kind, and how large.” In this episode of the Provcast, editor at large Robert …
 
In this episode we discuss crates.io trusted publishing with Tobias Bieniek. We cover the steps crates.io is taking to enhance supply chain security through trusted publishing, a method that leverages short-lived tokens and GitHub actions to safeguard against unauthorized access. Tobias shares insights into the challenges of managing a large-scale …
 
In this episode, sponsored by Darkstack7, Joshua sits down with Chris Cronin, partner at Halock Security Labs and founding partner of Reasonable Risk, to explore the intersection of cybersecurity, risk management, and the legal principles behind "reasonable" safeguards. Chris unpacks the DoCRA Standard and CIS RAM, sharing how historical and legal …
 
In this episode I chat with Patrick Garrity from VulnCheck. We discuss the chaos that has enveloped the CVE and NVD programs over the past two years. We cover some of the transparency and communication challenges with the existing program. We look at some of the new things that have started to emerge as well as why they seem to be struggling. We end on t…
 
On August 6, 1945 at 8:15 AM, US forces dropped a new kind of bomb—one which harnessed the very power of the sun—on the Japanese city of Hiroshima. The devastation was total and unprecedented: some 70,000 Japanese died in the blast and tens of thousands more by year’s end. The event marked the start of a new era in international politics and of a lon…
 
In this episode I discuss GCVE and Vulnerability-Lookup with Alex and Cedric from CIRCL. GCVE offers a decentralized approach, allowing organizations to assign their own IDs and publish vulnerabilities independently. Vulnerability-Lookup is the tool that makes GCVE a reality. The flexibility addresses many of the limitations we see today with a sin…
 
Taking a break from guest interviews, the Provcrew (Tooley, Diddams, LiVecche, Nicholson) meets up to discuss a few big topics looming above the current news cycle. First, they talk through a recent Washington Post article from George Will arguing the need for more clarity about the nature and purpose of Western civilization. Moving between domesti…
 
In this episode, we dive into the Product Liability Directive and Cyber Resilience Act with Daniel Thompson, CEO of Crab Nebula. The EU's new legislative framework impacts manufacturers in ways we don't totally understand, but are going to bring substantial changes to how companies use and develop open source. Daniel explains the broader implicatio…
 
The end times get a bad rap. Typically associated with Christian fundamentalists, the apocalypse has in fact been an object of human fascination for thousands of years. In this offbeat conversation with Robert Joustra, professor of politics and international studies at Redeemer University, the Provcast crew (James Diddams and Robert Nicholson) unpa…
 
In this episode Jan Pleskac, CEO and co-founder of Tropic Square, shares insights on the challenges and innovations in creating open and auditable hardware. While most hardware is very closed, Tropic Square is working to change this. We discuss how open source can enhance security, the complexities of integrating third-party technologies, and the f…
 
In episode 39, host Josh Nicholson is joined by memory forensics expert Andrew Case, co-developer of the Volatility framework and co-author of The Art of Memory Forensics. Together, they explore the critical role of memory analysis in modern incident response—uncovering hidden malware, insider threats, and ransomware techniques invisible to traditi…
 
On June 30th, Providence and Tikvah partnered to convene a panel titled "What We Mean by 'Judeo-Christian'" to discuss the role of the Hebrew Bible as a shared point of reference in the American traditions of liberal democracy and constitutional republicanism. This panel was inspired by the Providence article "The Judeo-Christian Nation" by Pete Pe…
 
In July 2023, Brig. Gen. (ret.) Yossi Kuperwasser saw something catastrophic on the horizon: a Hamas invasion of Israel. A year later, in a conversation with Providence, he predicted an aggressive IDF military campaign to proactively degrade Hezbollah, the Assad regime, and Iran itself -- another bold prediction which also came true. One year later…
 
Responding to two recent essays, the Provcast team interview Rich Ghazal, Executive Director of In Defense of Christians, to discuss the question of Christian persecution as it relates to US foreign policy past and present—and particularly to the well being of Christians now under threat in Syria. What is America’s obligation to these Christians an…
 
Cyber threats aren't slowing down—and neither are we. In episode 38 of Cyber Security America, I sit down with two powerhouses from Surefire Cyber—Karla Reffold and Billy Cordio—to pull back the curtain on what's really happening in today's incident response and threat intelligence landscape. 💡 What we cover: 📈 Real-world ransomware trends (like lo…
 
I'm joined by Philippe Ombredanne, creator of the Package URL (PURL), to discuss the surprisingly complex and messy problem of simply identifying open source software packages. We dive into how PURLs provide a universal, common-sense standard that is becoming essential for the future of SBOMs and securing the software supply chain. The show notes a…
 
Talking with Iranian scholar and policy expert Dr. Farhad Rezaei, the Provcast crew get caught up on the latest developments related to the Iran-Israel war before talking through a number of hard questions: the nature of America's involvement, the potential for escalation and unexpected outcomes, and the controversial question of regime change. How…
 
Thomas DePierre joins Open Source Security to discuss the central idea from his blog post, "You are all on the hobbyist maintainers turf now," exploring the massive disconnect between the corporate world that consumes open source and the hobbyist community that actually produces it. The conversation reveals this isn't a new problem, but a long-stan…
 
In this two-part conversation, the Provcast crew unpacks Ukraine’s surprise drone attack on Russia and what it means for the war (and the future of war in general), America’s involvement, and whether the attack risks escalation with Russia. The crew then shifts to President Trump’s recent speech in Riyadh, which lays out the preliminary principles o…
 
Providence Managing Editor James Diddams is joined by Jozef Kosc, Hamilton Center Fellow at the University of Florida, to discuss the varied ideological parentage of Iran's official state ideology, which includes not only Islamic sources but also European philosophers such as Martin Heidegger, Georges Sorel, Vladimir Lenin, Ernst Cassirer, and GWF …
 
I chat with Aaron Lippold, creator of MITRE's Security Automation Framework (SAF), to discuss how to escape the pain of manual STIG compliance. We explore the technical details of open-source tools like InSpec, Heimdall, and Vulcan that automate validation, normalize diverse security data, and streamline the entire security authoring process. The s…
 
In this powerful episode, we sit down with Kyle DuPont, CEO and Co-Founder of Ohalo, the trailblazing company reshaping the way organizations understand and manage unstructured data. With deep experience in both finance and technology, including a background at Morgan Stanley, Kyle shares the origin story of Ohalo and how their flagship product, Da…
 
I recently chatted with Andrew Nesbitt about his project, Ecosyste.ms. Ecosyste.ms catalogs open source projects by tracking packages, dependencies, repositories, and more. With this dataset Andrew is able to provide incredible insights into the world of open source. We chat all about how Ecosyste.ms works and how he manages to wrangle all this data. The s…
 
Daniel Stenberg, the maintainer of Curl, discusses the increase in AI security reports that are wasting the time of maintainers. We discuss Curl's new policy of banning the bad actors while establishing some pretty sane AI usage guidelines. We chat about how this low-effort, high-impact abuse pattern is a denial-of-service attack on the curl projec…
 
Providence Editor James Diddams is joined by Bill Drexel, Fellow at Hudson Institute in US-India relations and geopolitical competition with China, to discuss his April 4th article "How Competing Hindu Theologies Drove India’s Nuclear Decision Making—In Opposite Directions." The story of India's acquisition of nuclear weapons is a compelling counte…
 
I recently had a chat with Kairo about a project he maintains called Repository Service for TUF (RSTUF). We explain why TUF is tough (har har har), what RSTUF can do, and some of the challenges around securing repositories. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-rstuf-with-kairo-de-a…
 
Pondering recent events in the Vatican, the Provcast crew talks through the legacy of Pope Francis and the rise of "Pope Bob from Chicago" (the first Bishop of Rome to laugh at the Blues Brothers?) against the backdrop of a more important question: What role should the Roman Pontiff play in global affairs, if any? They then pick up questions surrou…
 
William Woodruff discussed his project, Zizmor, a security linter designed to help developers identify and fix vulnerabilities within their GitHub Actions workflows. This tool addresses inherent security risks in GitHub Actions, such as injection vulnerabilities, permission issues, and mutable tags, by providing static analysis and remediation guid…
 
Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning refer…
 
In his recent book "Religion and Republic: Christian America from the Founding to the Civil War" (Davenant, 2024), Miles Smith IV, Assistant Professor of History at Hillsdale College, explores the interplay between faith and politics in early America, revealing a more complex picture than current polemics might have us believe. Breaking down his th…
 
Dimitri Stiliadis, CTO from Endor Labs, discusses the recent tj-actions/changed-files supply chain attack, where a compromised GitHub Action exposed CI/CD secrets. We explore the impressive multi-stage attack vector and the broader often-overlooked vulnerabilities in our CI/CD pipelines, emphasizing the need to treat these build systems with produc…