To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

PurePerformance Programming Tech Software Development
Content provided by PurePerformance. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by PurePerformance or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Similar to PurePerformance

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

PurePerformance « »
Hello BOB - Cloud Native Cybersecurity with Bill of Behaviors with Constanze Roedig

27:05
 
Play
Playing
Share
 

MP3Episode home
Manage episode 508982017 series 1163503
Content provided by PurePerformance. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by PurePerformance or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
On September 8 the world saw the npm supply chain attack. Fortunately the community reacted in record time to avert a disaster.
In todays episode we have Constanze Roedig, Key Researcher at SBA Research, who introduces us to the new buddy of SBoM (Software Bill of Materials): SBoB (Software Bill of Behaviors) and her thoughts on how that new approach to fingerprinting software can help cyber security teams.
What's a BoB? It's a detailed runtime behavior profile of software. It expands on the static validation option through SBOMs as it allows security teams to validate the correct execution behavior of deployed software at deploy time or continuously in production. Thanks to eBPF, a malicious behavior such as opening non expected ports or accessing non expected files can therefore be detected.
Listen to Constanze who shares the work she and Vadim Bauer, Owner of 8gear, have done on this topic. You will learn about how software vendors can create their own SBOBs, ship them with their container images and how security teams can get alerted or enforce any detected malicious behavior. Make sure to check out their GitHub repo, star it if you like it and try their hands-on tutorial!
Links:
Constanze LinkedIn: https://www.linkedin.com/in/croedig/
Vadim LinkedIn: https://www.linkedin.com/in/vadim-bauer/O
BobCtl GitHub Repo: https://github.com/k8sstormcenter/bobctl
Cloud Native Summit Munich Talk: https://www.youtube.com/watch?v=XETuwndd_mw&index=11&pp=iAQB
npm supply chain attack: https://www.infosecurity-magazine.com/news/npm-supply-chain-attack-averted/
  continue reading

321 episodes

#PurePerformance #Programming #Tech #Software Development
Artwork

Hello BOB - Cloud Native Cybersecurity with Bill of Behaviors with Constanze Roedig

PurePerformance

40 subscribers

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 508982017 series 1163503
Content provided by PurePerformance. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by PurePerformance or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
On September 8 the world saw the npm supply chain attack. Fortunately the community reacted in record time to avert a disaster.
In todays episode we have Constanze Roedig, Key Researcher at SBA Research, who introduces us to the new buddy of SBoM (Software Bill of Materials): SBoB (Software Bill of Behaviors) and her thoughts on how that new approach to fingerprinting software can help cyber security teams.
What's a BoB? It's a detailed runtime behavior profile of software. It expands on the static validation option through SBOMs as it allows security teams to validate the correct execution behavior of deployed software at deploy time or continuously in production. Thanks to eBPF, a malicious behavior such as opening non expected ports or accessing non expected files can therefore be detected.
Listen to Constanze who shares the work she and Vadim Bauer, Owner of 8gear, have done on this topic. You will learn about how software vendors can create their own SBOBs, ship them with their container images and how security teams can get alerted or enforce any detected malicious behavior. Make sure to check out their GitHub repo, star it if you like it and try their hands-on tutorial!
Links:
Constanze LinkedIn: https://www.linkedin.com/in/croedig/
Vadim LinkedIn: https://www.linkedin.com/in/vadim-bauer/O
BobCtl GitHub Repo: https://github.com/k8sstormcenter/bobctl
Cloud Native Summit Munich Talk: https://www.youtube.com/watch?v=XETuwndd_mw&index=11&pp=iAQB
npm supply chain attack: https://www.infosecurity-magazine.com/news/npm-supply-chain-attack-averted/
  continue reading

321 episodes

#PurePerformance #Programming #Tech #Software Development

Усі епізоди

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to PurePerformance

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play
icon
Help/FAQ | Advertise with Us
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play