Navigating Open Source Security
Manage episode 396137314 series 3446189
Emily Fox joins us to discuss her role as Security Lead in Emerging Technologies at Red Hat and her involvement in the open source community as Chair of the Cloud Native Computing Foundation's Technical Oversight Committee. She discusses her team's research focusing on refining Sigstore and working on remote attestation and her career journey from working as a Creative Director in an entertainment company to becoming a Developer Security Lead for the National Security Agency. The conversation further touches on the need for better diversity, accessibility, and the imperative of a supportive community within the open source ecosystem. Lastly, she shares her perspectives on developer experience, its challenges, and the need for empathy and kindness as we navigate post-pandemic life.
00:00 Introduction and Guest Background
00:24 Role and Responsibilities at Red Hat
01:46 Involvement in Open Source and Cloud Native Computing Foundation
03:07 Journey from Creative Director to Tech Ecosystem
06:09 Challenges in Open Source Project Security
08:03 Improving Security Practices in Software Development
09:22 Expanding Security Expertise in Developers
11:23 Security in AI and Machine Learning
15:24 Importance of Diversity and Inclusion in Tech
18:40 Improving Developer Experience in Open Source
21:00 Closing Thoughts and Parting Words
Guest: Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 13 years to drive a cultural change where security is unobstructive, natural, and accessible to everyone. Her technical interests include containerization, least privilege, automation, and promoting women in technology. She holds a BS in Information Systems and an MS in cybersecurity. Serving as chair on the Cloud Native Computing Foundation’s (CNCF) Technical Oversight Committee (TOC) and co-chair for KubeCon+CloudNativeCon China 2021, Europe 2022, North America 2022, Europe 2023, and CloudNativeSecurityCon 2023, she is involved in a variety of open source communities and activities.82 episod