Application security, Compliance

Syncing of the Minds – ASW #101

This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss why combining SAST and SCA in your IDE produces higher-quality, more secure software faster!

To learn more about Synopsys, visit: https://securityweekly.com/synopsys

Visit https://www.securityweekly.com/asw for all the latest episodes!



Segments

1. Singularity: A Different Take on Container Security – Adam Hughes – ASW #101

Singularity is a container runtime that was built from the ground up to live in multi-user environments where POSIX permissions must be respected. In addition to a novel runtime approach, the Singularity Image Format (SIF) differs significantly from other container image formats, with built-in support for full image encryption as well as digital signatures.

Guest

Adam Hughes, Chief Software Architect at Sylabs Inc.

Adam is a developer with nearly two decades of experience in cyber security, real-time operating systems, carrier grade telecommunications systems, and large-scale distributed systems. After joining Sylabs in early 2018, he helped develop the Singularity Container Services suite, which forms an ecosystem around the Singularity container runtime. He has since taken on the role of Chief Software Architect and is now responsible for technical leadership of all Sylabs products.

Hosts

Mike Shema, Security Partner at Square
John Kinsella, Co-founder & CTO at Cysense
Matt Alderman, VP, Product at Living Security

2. The Benefits of SAST and SCA in Your IDE – Utsav Sanghani – ASW #101

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses, and manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That’s where software composition analysis (SCA) comes in. This segment introduces new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development.

Guest

Utsav Sanghani, Senior Product Manager at Synopsys

Utsav Sanghani is a senior product manager at Synopsys, where he supports strategic cloud product initiatives. He works closely with customers, engineers, and design teams to guide strategic products from conception to launch and straightens out any potential hurdles in the process. He holds a business degree from Dartmouth College and a bachelor’s degree in engineering from the University of Mumbai, India.

Hosts

Mike Shema, Security Partner at Square
John Kinsella, Co-founder & CTO at Cysense
Matt Alderman, VP, Product at Living Security