‹ All episodes

Resilient Cyber

S6E19: Madison Oliver - Open Source & GitHub Advisory Database

June 12, 2024 Chris Hughes
S6E19: Madison Oliver - Open Source & GitHub Advisory Database
Resilient Cyber
More Info
Resilient Cyber
S6E19: Madison Oliver - Open Source & GitHub Advisory Database
Jun 12, 2024
Chris Hughes

- For those that don't know you or haven't come across you quite yet, can you tell us a bit about your background in tech/cyber and your role with GitHub?

- What exactly is the GitHub Advisory Database and what is the mission of the team there?

- There's been a big focus on vulnerability databases, especially lately with some of the challenges of the NVD. What role do you see among the other vulnerability databases in the ecosystem, including GHAD and how it fits into the ecosystem?

- GitHub has a very unique position, being the most widely used development platform in the world, boasting millions of users. How do you all use that position and the insights from it to help drive vulnerability awareness across the ecosystem?

- There's been a large focus on software supply chain security, including securing OSS. What are your thoughts on these trends and some ways we can combat these risks?

- You're also involved with the CVE program, can you tell us about that?

- We know you collaborate with another group, out of OpenSSF, known as the Vulnerability Disclosure Working Group. What does that group do and what role do you play?

Apple Podcasts Spotify Amazon Music Overcast Castro Castbox +
Show Notes

- For those that don't know you or haven't come across you quite yet, can you tell us a bit about your background in tech/cyber and your role with GitHub?

- What exactly is the GitHub Advisory Database and what is the mission of the team there?

- There's been a big focus on vulnerability databases, especially lately with some of the challenges of the NVD. What role do you see among the other vulnerability databases in the ecosystem, including GHAD and how it fits into the ecosystem?

- GitHub has a very unique position, being the most widely used development platform in the world, boasting millions of users. How do you all use that position and the insights from it to help drive vulnerability awareness across the ecosystem?

- There's been a large focus on software supply chain security, including securing OSS. What are your thoughts on these trends and some ways we can combat these risks?

- You're also involved with the CVE program, can you tell us about that?

- We know you collaborate with another group, out of OpenSSF, known as the Vulnerability Disclosure Working Group. What does that group do and what role do you play?