From Fear to Confidence: Navigating Open Source Security

Open at Intel

Player FM - Internet Radio Done Right

הוסף לפני two שנים

תוכן מסופק על ידי open.intel. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי open.intel או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Profits Through Podcasting

1
100 Episodes WASTED! Fix These 4 Simple Podcast Blunders in Minutes 14:42

לפני 7 weeks14:42

הפעל מאוחר יותר

רשימות

לייק

אהבתי

14:42

Is your health and wellness podcast optimized for success, or are crucial oversights holding back your potential? I audited a doctor’s podcast recently and was shocked at what I found. This podcast had over 100 episodes—pretty impressive. However, the whole setup of the podcast had some brutal mistakes that I’m sure were holding this doctor back from seeing bigger results. How can optimizing your podcast's website links transform your show's reach? Are you missing out on SEO benefits that could elevate your visibility? Curious about the impact of professional collaboration on your podcast? Don't let simple mistakes hold you back. Tune in to find out how to turn your podcast into a lead-generating powerhouse! Today’s episode includes: How minor mistakes hinder podcast growth and engagement. Why directing podcast episode links on Apple, Spotify, etc to your own website is ideal. Why collaborating with professional teams can elevate your podcast impact and revenue. How maintaining high production standards enhances credibility, especially in the health and wellness space. How omitting crucial subscription links will limit your audience growth. Why owning a proper domain ensures long-term SEO benefits and authority with search engines. How missing social media links in your show notes makes it difficult for listeners to connect with you. Why understanding and avoiding common mistakes ensures maximum ROI from podcasting efforts. Are you pouring your heart into your podcast but still not seeing the growth you deserve? Download our free guide to unlock your podcast’s full potential and expand your impact: https://eastcoaststudio.com/5mistakes Our LinkedIn: https://www.linkedin.com/company/eastcoaststudio/ Our Instagram: https://www.instagram.com/ecpodcaststudio/…

לפני שנה 25:20

MP3•בית הפרקים

00:00 Welcome Back, CRob!
00:52 Diving into Open Source Security
01:20 Understanding the OpenSSF
04:18 Key Personas in Open Source Security
09:44 Educational Resources for Developers
12:17 Getting Involved with OpenSSF Projects
15:27 Upcoming Event: SOSS Fusion
17:47 The Value of Open Source Events
21:48 Final Thoughts and Future Plans

Resources:

OpenSSF

SOSS Fusion

Guest:

Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. CRob is a 41st level Dungeon Master and a 24th level Securityologist. He has worked at several Fortune 500 companies with experience in the Financial, Medical, Legal, and Manufacturing verticals, and spent 6 years helping lead the Red Hat Product Security team as their Program Architect.

CRob has been a featured speaker at Gartner’s Identity and Access Management Summit, RSA, BlackHat, DefCon, Derbycon, the (ISC)2 World Congress, and was named a "Top Presenter" for the 2017 and 2018 Red Hat Summits. CRob was the President of the Cleveland (ISC)2 Chapter, and is also a children's Cybersecurity Educator with the (ISC)2 Safe-and-Secure program. He holds a Certified Information Systems Security Professional (CISSP) certification, Certified Secure Software Lifecycle Professional (CSSLP) certification, and The Open Group Architecture Framework (TOGAF) certification. He is heavily involved in the Forum for Incident Response and Security Teams (FIRST) PSIRT SIG, collaborating in writing the FIRST PSIRT Services Framework, as well as the PSIRT Maturity Assessment framework. CRob is also the lead/facilitator of the Open Source Security Foundation (OpenSSF) Vulnerability Disclosures and OSS Developer Best Practices working groups as well as a Technical Advisory Committee (TAC) member.

He enjoys hats, herding cats, and moonlit walks on the beach.

100 פרקים

#Tech #Open At Intel

Open at Intel

From Fear to Confidence: Navigating Open Source Security

Open at Intel

published לפני שנה

שתפו

MP3•בית הפרקים

Resources:

OpenSSF

SOSS Fusion

Guest:

He enjoys hats, herding cats, and moonlit walks on the beach.

100 פרקים

#Tech #Open At Intel

כל הפרקים

Open at Intel

1
Flatcar Linux: Made for Containers 22:24

לפני יומיים22:24

22:24

In this episode, Danielle Tal and Thilo Fromm join us to discuss Flatcar Linux. They introduce Flatcar as a Linux operating system designed specifically for containers and Kubernetes workloads, highlighting its automation, self-healing capabilities, and security features. They emphasize how Flatcar simplifies operations for startups and large companies alike by automating OS provisioning and maintenance. We discussed contributor engagement and the project's involvement with the CNCF. They also share intriguing use cases, like a Kubernetes cluster running on a tractor fleet, and stress the importance of community contributions, not just in code but in evangelism and documentation. 00:00 Introduction 01:05 What is Flatcar? 02:01 Flatcar's Automation and Self-Healing Capabilities 04:10 User Experience and Testing 05:06 Ideal Users and Use Cases 10:36 Community and Contributions 13:38 Getting Started with Contributions 16:59 Impact and Future Directions 19:58 Conclusion and Final Thoughts Guest: Danielle Tal is a Program Manager at Microsoft and an integral part of the team responsible for maintaining Flatcar Container Linux. The team is contributes to Linux OS distributions and Linux Security within Azure and other upstream projects. With a background in supporting diverse enterprise cloud applications as a support engineer, Danielle has transitioned into a management role, overseeing Docker EMEA support before joining the Flatcar team. Thilo Fromm is an engineering manager and works on Community Linux distributions and Linux Security at Azure. Thilo's team helps maintaining Flatcar Container Linux. He has given talks at FOSDEM, FrOSCon, KubeCon, Open Source Summit, Cloud-Native Rejekts, and various meetups like Kubernetes Community Days. Thilo started his career in embedded systems with hardware design and roll-your-own /from scratch embedded Linux, kernel and plumbing level development, and later virtualisation. After working for various cloud providers in engineering and management positions, he went full cloud native in 2019. Nowadays Thilo works on operating systems for cloud-native environments with a special focus on Flatcar Container Linux.…

Open at Intel

1
Demystifying Cyber Resilience and the Tools That Help 21:16

לפני 9 ימים21:16

21:16

In this episode, Michael Lieberman, Co-founder and CTO of Kusari, walks us through the intersection of open source software and security. We discuss Mike's extensive involvement in OpenSSF projects like SLSA and GUAC, which provide essential frameworks for securing the software development life cycle (SDLC) and managing software supply chains. He explains how these tools help verify software provenance and manage vulnerabilities. Additionally, we explore regulatory concerns such as the Cyber Resilience Act (CRA) and the vital role of the recently released Open SSF Security Baseline (OSPS Baseline) in helping organizations comply with such regulations. Mike also shares insights into the evolution of open source security practices, the importance of reducing complexity for developers, and the potential benefits of orchestrating security similarly to Kubernetes. We conclude with a look at upcoming projects and current pilots aiming to simplify and enhance open source security. 00:00 Introduction and Guest Welcome 00:19 Mike's Background and Role in Open Source 01:35 Exploring SLSA and GUAC Projects 04:57 Cyber Resiliency Act Overview 06:54 OpenSSF Security Baseline 11:29 Encouraging Community Involvement 18:39 Final Thoughts Resources: OpenSSF's OSPS Baseline GUAC SLSA KubeCon Keynote: Cutting Through the Fog: Clarifying CRA Compliance in C... Eddie Knight & Michael Lieberman Guest: Michael Lieberman is co-founder and CTO of Kusari where he helps build transparency and security in the software supply chain. Michael is an active member of the open-source community, co-creating the GUAC and FRSCA projects and co-leading the CNCF’s Secure Software Factory Reference Architecture whitepaper. He is an elected member of the OpenSSF Governing Board and Technical Advisory Council along with CNCF TAG Security Lead and an SLSA steering committee member.…

Open at Intel

1
Project Sylva and the Future of Telecom 24:07

לפני 16 ימים24:07

24:07

Tim Irnich from SUSE shares his work with Edge computing, focusing on the telecommunications industry. He highlights the importance of standardization and interoperability across the industry, specifically focusing on the widespread adoption of Linux and Kubernetes. Tim also elaborates on Project Sylva, an initiative under the Linux Foundation, aimed at creating a standardized stack for the European telco operators. We also discuss challenges and opportunities presented by the vast array of open source projects within the CNCF landscape and the potential for AI to enhance network efficiency and reliability. The episode provides a comprehensive look into the collaborative efforts and technological advancements shaping the telecom sector. 00:00 Welcome 01:14 Open Source Adoption in the Telco Industry 02:14 Challenges and Standardization in Telco Networks 04:35 Curating Reliable Stacks for Telco 06:11 Project Silva: An Open Source Initiative 18:55 AI in the Telecom Industry 22:11 Conclusion and Final Thoughts Tim Irnich is the product manager for SUSE Edge for Telco, an open source based horizontal telco cloud solution. He is also a member of the Board of Directors at the LF Europe Sylva Project. Tim has been active in telco related open source communities such as LF Networking, OPNFV, OpenDaylight, OpenStack/OpenInfra for over a decade and held positions on several committees including the LFN TAC, TSC and Board of Directors in OPNFV and OpenDaylight. Before joining SUSE in 2018, Tim worked at Ericsson, where he ran the open source and ecosystem program for Ericsson's cloud business unit and helped found Ericsson's open source development arm that is today known as Ericsson Software Technologies.…

Open at Intel

1
Data Privacy and Efficiency with Bacalhau Compute Over Data 23:10

לפני 23 ימים23:10

23:10

In this episode, David Aronchick, CEO and Co-founder of Expanso discusses his experiences and insights from working with Kubernetes since its early days at Google. David shares his journey from working on Kubernetes to co-founding Kubeflow and his latest project, Bacalhau, which focuses on combining compute and data management in distributed systems. Highlighting the challenges of data processing and privacy, particularly in edge computing and regulated environments, David emphasizes cost-saving benefits and the importance of local data processing. Throughout, privacy and regulatory concerns are underscored along with solutions for efficient and secure data handling. 00:00 Introduction and Welcome 00:23 Early Days of Kubernetes 01:05 Kubernetes Community and Evolution 02:23 AI, ML, and KubeFlow 03:40 Current Work and Data Challenges 08:20 Privacy and Security Concerns 14:21 Real-World Applications and Benefits 20:42 Conclusion Learn more about Intel® Liftoff for Startups: https://www.intel.com/content/www/us/en/developer/tools/oneapi/liftoff.html Learn more about our collaboration with Expanso in the Open Platform for Enterprise AI (OPEA) project: https://opea.dev Guest: David Aronchick, Founder and CEO at Expanso, formerly led open source machine learning strategy at Azure, managed Kubernetes product development at Google, and co-founded Kubeflow. Previous roles at Microsoft, Amazon, and Chef.…

Open at Intel

1
Evolving Software Deployment With GitLab 20:55

לפני 23 ימים20:55

20:55

In this episode, we sit down with Victor Nagy of GitLab to discuss his role and GitLab's initiatives. Victor details the transition from using a custom solution to integrating Flux for smoother application deployment. Victor also talks about GitLab's commitment to the open source community, contributions to Flux, and becoming a potential maintainer. We also touch on what makes developer tools great, developer experience, and developments in AI and security, highlighting the rapid pace of innovation in these fields. 00:00 Introduction and Guest Introduction 00:36 Key Open Source Projects: Flux and GitLab 01:17 Choosing Flux 03:42 Community Contributions and Future Plans 05:35 Deployment and Product Management 12:31 GitLab's Comprehensive Platform and Differentiators 18:38 Security and AI 19:43 Conclusion and Final Thoughts…

Open at Intel

1
The Future of AI Workloads with Slinky 18:51

לפני 4 weeks18:51

18:51

In this episode, Marlow Warnicke, lead for the Slinky project, and Tim Wickberg, CTO of SchedMD, join us to discuss their work integrating HPC scheduler Slurm with Kubernetes. They provide background on Slurm's origins, its open source nature, and its evolution into Slinky to address Kubernetes's limitations in scheduling AI and HPC workloads. The discussion touches on the unique challenges in the MLOps space, the need for fine-grained resource control, and their collaborative efforts with various communities to enhance Kubernetes's efficiency. They also share the roadmap for Slinky and avenues for community collaboration and contribution. 00:00 Introduction and Guest Introductions 00:39 Overview of Slurm and Its Evolution 01:44 The Fusion of Slurm and Kubernetes: Slinky 04:14 Challenges in Kubernetes Scheduling 09:07 Unique Challenges in MLOps 12:58 Community Collaboration and Future Plans 16:41 Getting Involved and Final Thoughts…

Open at Intel

1
Open Source Maintainership: The Highs, Lows, and Everything In Between 23:38

לפני 5 weeks23:38

23:38

Katherine Druckman sat down with Sarah Christoph, lead maintainer of Porter, and Karen Chu, community manager for Helm, to discuss the realities of maintaining open source projects. We discussed the challenges maintainers face, including burnout, community building, and the importance of human interactions in sustaining projects. The conversation highlights strategies for creating sustainable workflows, such as documentation and contributor ladders, and the essential role of positive feedback and community support in maintaining morale. The episode also underscores the protective and inclusive nature of the open source community, shining a light on mentorship and the personal growth it fosters. 00:00 Introduction 02:30 Challenges in Open Source Maintenance 03:43 Maintainer Burnout and Coping Strategies 08:10 Building Sustainable Open Source Projects 10:37 The Importance of Community and Mentorship 12:41 Recognizing and Crediting Contributors 14:14 The Human Connection in Open Source 21:22 Final Thoughts Guests: Karen Chu Sarah Christoff…

Open at Intel

1
The Human Side of Code 20:46

לפני 6 weeks20:46

20:46

In this episode, we hear from Megan Knight, Director of Software Communities at Arm. Megan shares her experiences with open source projects, particularly focusing on the Yocto project which helps build custom Linux distributions. She discusses the challenges of community management, maintaining contributor motivation, and the impact of policy changes on open source projects. The discussion also touches on the importance of corporate support in sustaining open source contributions. 00:00 Introduction and Welcome 00:52 The Yocto Project: Building Custom Linux Distributions 01:33 Managing Open Source Communities 04:20 Motivations and Challenges in Open Source Contributions 05:18 Conflict Resolution in Open Source Projects 06:59 Unexpected Use Cases in Open Source 10:03 Sustainability and Training in Open Source 18:07 The Future of Open Source in Automotive 19:18 Conclusion Guest: Megan Knight is the Director of Software Communities at Arm where she delightfully works with the upstream. She holds various positions on project boards including Yocto Project, UXL Foundation, Zephyr Project, and OpenSSF. Prior to Arm, she led the IoT and Automotive open source engagement portfolio at Amazon Web Services and served as the Amazon representative on critical dependency open source project boards. She got her start in open source working at The Linux Foundation with the Linux Kernel and Linux Plumbers communities.…

Open at Intel

1
Understanding Observability with OpenTelemetry 21:50

לפני 7 weeks21:50

21:50

Join us as we sit down with Austin Parker, Director of Open Source at Honeycomb.io to discuss observability with OpenTelemetry, explaining its importance in cloud native software and discussing the OpenTelemetry project's growth and community contributions. He shares insights on the evolution and adoption of Open Telemetry, its impact on the software industry, and the collaborative nature of its development. 00:00 Introduction 00:45 Understanding OpenTelemetry 02:48 The Importance of Observability 05:01 Challenges and Innovations in Observability 09:36 The OpenTelemetry Community 12:12 Challenges with Vendor Lock-In 14:29 Encouraging New Contributions 18:07 Recognizing Community Contributions 20:24 Final Thoughts Guest: Austin Parker is Director of Open Source at honeycomb.io, an OpenTelemetry maintainer and governance member, author of several books, and all around great person.…

Open at Intel

1
AI and MLOps with Kubernetes 20:37

לפני 7 weeks20:37

20:37

In this episode, we caught up with Abdel Sghiouar, a Developer Advocate at Google and the co-host of The Kubernetes Podcast. Abdel shared the latest developments in Kubernetes and AI applications, highlighting the unique challenges of running machine learning models on Kubernetes, particularly focusing on scalability and the context window in large language models. We also discussed the importance of working groups in overcoming these challenges and emerging concerns in AI security. 00:00 Introduction and Welcome Back 00:20 Abdel's Role and Podcast 00:36 Kubernetes and Cloud Native Space 01:14 AI and MLOps Discussion 02:20 Challenges with Large Language Models 04:48 Kubernetes Working Groups 05:55 Security Concerns in MLOps 09:48 Exploring Solutions and Community Interaction 18:23 Conclusion Guest: Abdel Sghiouar is a Cloud Developer Advocate @Google Cloud. His focus areas are GKE/Kubernetes, Service Mesh and Serverless. Abdel started his career in datacenters and infrastructure in Morocco before moving to Google's largest EU datacenter in Belgium. Then in Sweden he joined Google Cloud Professional Services and spent 5 years working with Google Cloud customers on architecting and designing large scale distributed systems before turning to advocacy and community work. You can follow him at @boredabdel .…

Open at Intel

1
Positioning and Strategy with Open Source 20:10

לפני 8 weeks20:10

20:10

Consultant Emily Omier discusses her work with open source companies on product strategy and positioning. She explains the unique challenges and opportunities such companies face, particularly the tension between commercial offerings and open source projects. Emily highlights the importance of solid product strategy, shares her process from customer interviews to leadership workshops, and addresses common misconceptions and struggles companies encounter. Additionally, she touches upon the strategic reasons for open-sourcing software. 00:00 Introduction and Guest Background 00:16 Understanding Product Strategy in Open Source 01:58 Engaging with Companies at Different Stages 03:10 Workshop and Internal Knowledge Surfacing 04:16 Differentiating Open Source and Commercial Offerings 07:09 Common Struggles and Misunderstandings 10:35 Community Building and Its Importance 14:21 Open Sourcing Projects: Reasons and Benefits 17:28 Experience at All Things Open 18:07 Conclusion and Upcoming Events Guest: Emily Omier is a consultant who helps open source startups accelerate growth with killer positioning. She also hosts The Business of Open Source, a podcast about building open source companies and is the founder of Open Source Founders Summit, a business-focused conference for leadership of open source companies.…

Open at Intel

1
Balancing Act: Software Security and Developer Experience 25:32

לפני 8 weeks25:32

25:32

In this episode, we sit down with Luke Hinds, CTO of Stacklok and creator of Sigstore, to learn from his extensive background in open source security. Luke shares insights into his journey and passion for security, highlighting the thrill of the 'cat and mouse' dynamics. He discusses Stacklok’s project, Minder, a software supply chain platform designed to streamline security while boosting developer productivity. Luke also touches on Trusty, another Stacklok initiative aimed at assessing the security risks of open source packages using data science. The conversation expands to the impact of AI on code contributions and developer identity, reflecting on the evolving dynamics in software development and security. Finally, Luke shares thoughts on the ongoing challenges and opportunities in bridging the gap between operations and engineering to maintain robust security in fast-paced development environments. 00:00 Introduction 02:29 Personal Reflections on Security 04:14 Introduction to Stacklok and Minder 05:02 Minder's Features and Capabilities 07:38 Target Audience and Use Cases for Minder 10:41 Balancing Security and Developer Productivity 13:00 The Importance of Seamless Security 13:52 Introduction to Trusty: Understanding Open Source Security Risks 14:45 Analyzing Malicious Packages and Developer Contributions 18:06 The Role of Developer Identity in Open Source Projects 19:20 AI's Impact on Code Development and Security 20:10 Challenges and Future Directions in Developer Identity 23:31 Concluding Thoughts and Future Conversations Guest: Luke Hinds is the CTO of Stacklok. He is the creator of the open source project sigstore, which makes it easier for developers to sign and verify software artifacts. Prior to Stacklok, Luke was a distinguished engineer at Red Hat.…

Open at Intel

1
Open Source and Public Policy: A Conversation with Deb Bryant 20:23

לפני 9 weeks20:23

20:23

Deb Bryant discusses her career journey and the significant role of open source software in public policy, particularly in the US and Europe. She highlights her work with the Open Source Initiative, Oregon State University, and Red Hat, emphasizing the importance of open source in government operations and cybersecurity. Deb also addresses the challenges and evolution of open source policies, the critical need for sustainability in open source projects, and her current focus on AI's impact on the ecosystem. She concludes by advocating for harmonized international regulations and human-centered AI approaches. 00:00 Introduction 00:44 Government and Open Source Software 01:38 Experiences in the Private Sector 02:14 Open Source in Public Policy 04:31 Cybersecurity and Open Source 07:42 Sustainability in Open Source 15:05 Future of Open Source and AI 18:53 Conclusion and Final Thoughts Guest: Deb Bryant, Director, US Policy and Founder, Open Policy Alliance Open Source Initiative Throughout her career, Deborah has lent her voice to supporting open source projects and developers, building bridges between academia, industry, non-profits, and government along the way. Today she provides guidance to open source foundations seeking to support public policy development in open technology domains. She has worked in emerging technology and has been an advocate of free and open source software and the community that makes it so since the 1990s. Deborah is board director emeritus at the Open Source Initiative (OSI); serves on the DemocracyLab board; serves on the advisory boards of Open Source Elections Technology Foundation and the OASIS Open Project, and as an advisor to the Brandeis University Open Technology Management program. She also represents OSI as a member of the Digital Public Goods Alliance. For eight years prior to her reentry into the nonprofit world, she led one of the world’s largest open source program offices (OSPO) at Red Hat where her global team was responsible for the company’s strategy and stewardship in open source software communities. While at Red Hat she served on the Eclipse Foundation board for two years. Deborah’s published academic research includes the Use of Open Source in Cybersecurity in the Energy Industry and Collaborative Models for Creating Software in the Public Sector.…

Open at Intel

1
Canonical's Data Science Stack and AI's Open Future 19:34

לפני 9 weeks19:34

19:34

In this episode, Andreea Munteanu of Canonical discusses Data Science Stack, an out-of-the-box machine learning environment solution. Emphasizing the industry's shift to Kubernetes and cloud native applications, she outlines her vision for accessible and secure open source AI. The conversation also covers the importance of community contribution, challenges faced by data scientists, and the future of AI being open source. 00:00 Introduction 01:50 Data Science Stack Introduction 03:31 Community and Collaboration 06:30 Getting Started with Generative AI 08:56 Andreea's Journey into Data Science 10:59 The Future of AI and Open Source 14:57 Encouraging Open Source Contributions 17:28 Conclusion and Final Thoughts Guest: Andreea Munteanu helps organizations drive scalable transformation projects with open source AI. She leads AI at Canonical, the publisher of Ubuntu. With a background in data science across industries like retail and telecommunications, she helps enterprises make data-driven decisions with AI.…

Open at Intel

1
Mastering Generative AI 24:20

לפני 11 weeks24:20

24:20

In this episode, Andrew Brown, founder of Exam Pro, joins the podcast to discuss his background in educational technology and his current endeavors in teaching tech certifications and coding boot camps. Andrew shares his excitement about generative AI and how developers can stay updated with rapidly evolving innovations like Deepseek and the Open Platform for Enterprise AI (OPEA), the importance of understanding foundational concepts, and the role of open models in democratizing AI technology. The conversation also covers the relevance of deploying custom models, integrating reliable educational strategies, and ensuring developers have the knowledge to use AI applications effectively. Andrew shares insights on his courses and offers practical advice for developers keen on diving into generative AI. 00:00 Introduction and Guest Welcome 00:19 Andrew Brown's Background and Current Work 01:10 Exciting Trends in Tech Education 02:20 Deep Dive into Generative AI 05:23 DeepSeek and AI Model Costs 07:44 Challenges and Opportunities in AI Development 09:22 Open Source AI and Developer Training 11:00 Practical Advice for Aspiring Developers 13:00 Challenges and Opportunities in AI Development 18:34 Conclusion and Final Thoughts Resources: FREE GenAI Boot Camp Exam Pro Resources on GitHub Andrew on GitHub Guest: Andrew Brown is the founder of Exam Pro where he creates training materials for developers. He also creates free cloud certification courses for freeCodeCamp.…

Open at Intel

1
From Kubernetes to Argo: Exploring the World of the Cloud Native End User 18:39

לפני 12 weeks18:39

18:39

In this episode, Henrik Blixt, a product manager at Intuit and Argo maintainer, shares his experiences and insights into managing platform engineering teams that handle Kubernetes, service mesh, API gateways, and more. He emphasizes the importance of product management within platform engineering and discusses his involvement with the CNCF's end user technical advisory board. Henrik also highlights the significance of open source in his professional journey and details the ongoing initiatives and advancements within the Argo project. 00:00 Introduction and Guest Welcome 00:53 Discussion on Argo and Developer Tools 01:41 Open Source Community Involvement 02:06 CNCF End User Technical Advisory Board 03:11 Reference Architectures and Initiatives 08:18 Challenges and Solutions for End Users 13:20 Argo Project Insights 16:03 The Importance of Product Management 17:16 Conclusion and Final Thoughts Guest: Henrik Blixt leads a Product Management team responsible for the Intuit core platform, where he defines the strategy and direction that has shaped Intuit’s cloud native platform based on CNCF projects like Kubernetes, Envoy, Istio, Prometheus, Argo (and many more!) that’s used by 7000 developers and serving over 100M users. Being a passionate member of the open source community for almost 30 years, from Linux through OpenStack and Kubernetes, Henrik is currently focused on the Argo project as a core maintainer. He also represents Intuit across other committees, like the CNOE project and the broader Linux Foundation, where he shares experiences and best practices from Intuit’s use of open source, making sure end users are heard and their pain points understood. He loves engaging with the community and has been a prolific speaker and event program committee member across ArgoCon, GitOpsCon, Kubecon over the years. A native of Sweden, earning his B.Sc in information systems from the University of Gothenburg, he now resides in California with his family.…

Open at Intel

1
Breaking Down AI: Small Models, Big Impacts 20:44

לפני 13 weeks20:44

20:44

Joshua Alphonse discusses the potential of small language models, highlighting their efficiency and applicability in various domains such as financial compliance and multimedia processing. The conversation also touches upon the intersection of creativity and technology, AI's role in the future of multimedia, and the significance of open source models. Joshua emphasizes the importance of eliminating biases in AI and the exciting advancements in agentic AI and spatial AI, projecting how these innovations might shape the tech landscape in the coming years. 00:00 Introduction and Welcome 00:09 Joshua's Background and Experience 00:34 Current Projects and Innovations 03:04 The Importance of Small Language Models 06:14 Open Source and AI Ethics 10:13 Future of AI and Exciting Developments 12:20 Challenges and Controversies in AI 17:47 Conclusion and Final Thoughts Guest: Joshua Alphonse is Head of Product at PremAI. Joshua has spent his time empowering developers to create innovative solutions using cutting-edge open-source technologies. Previously, Joshua worked at Wix, leading Product and R&D engagements for their Developer Relations Team, and at Bytedance he successfully created content, tutorials, and curated events for the developer community.…

Open at Intel

1
Fostering Open Source Culture and Unlocking Innovation 27:54

לפני 14 weeks27:54

27:54

In this episode, we celebrate Free and Open Source Software Month this February by chatting with some of Intel’s own open source software and community enthusiasts, Arun Gupta and Shirley Bailes, about open source, its business value, and how to unlock innovation through openness. Arun discusses his book, 'Fostering Open Source Culture,' detailing his journey from past experiences at major tech companies to the process and inspiration behind writing the book. The conversation covers the importance of fostering an open source culture, including the roles of various companies and foundations. Shirley shares her first-time author experience, emphasizing the role of foundations in maintaining a sustainable open source ecosystem. The discussion touches on the benefits of corporate engagement in open source, the challenges of proving ROI, and the critical need for a new generation of contributors. Arun and Shirley highlight real-world case studies and provide practical advice for companies looking to embrace and invest in open source culture. 00:00 Introduction 00:33 Arun Gupta’s Journey in Open Source 03:23 Shirley Bailes on First-time Authorship 04:42 The Role of Foundations in Open Source 07:17 Leadership in Open Source Foundations 11:27 The Business Case for Open Source 15:40 The Importance of Community and Collaboration 25:18 Conclusion and Book Information Resources: Episode Transcript Guests: Shirley Bailes has been involved in developer communities and building open source programs for over 15 years. She is the Director of Software Ecosystem Strategy in Intel’s Office of the CTO, where she leads thought leadership and strategic initiatives to accelerate startup innovation and developer ecosystem growth. She previously led open source programs at AWS and served as Co-President of the Women at Amazon Global Board. Arun Gupta is Vice President and General Manager of Developer Programs at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun Microsystems through systemic changes to embrace open source principles. He is the elected chair of the CNCF GB and elected Chair of the OpenSSF GB. He has delivered technical talks in 45+ countries and authored multiple books. He is a fitness and kindness enthusiast.…

Open at Intel

1
Managing Kubernetes with Komodor 21:30

לפני 15 weeks21:30

21:30

In this episode, we speak with Udi Hofesh and Itiel Schwartz from Komodor about their roles and the mission of their company. Komodor aims to simplify Kubernetes at scale by providing tools for managing, troubleshooting, and optimizing Kubernetes clusters. They discuss the unique features of Komodor, including their approach to using AI to address Kubernetes issues and their involvement in open source projects like Helm Dashboard. The conversation also touches upon the new native integration for managing Kubernetes add-ons and the future direction of the company. 00:00 Introduction and Guest Introduction 00:27 What is Komodor? 00:59 Challenges in Kubernetes 01:32 Komodor's Unique Solutions 02:27 Target Audience and Developer Relations 06:56 Open Source Contributions 14:09 AI Integration in Komodor 18:47 New Features and Future Plans Guests: Itiel Shwartz, CTO and Co-founder, Komodor Udi Hofesh, DevRel, Komodor…

Open at Intel

1
The Open Source Path to Security and Privacy: Divvi Up and Let's Encrypt 22:02

לפני 16 weeks22:02

22:02

In this episode, Sarah Gran and Brandon Pitman from the Internet Security Research Group (ISRG) dive into their projects, Divvi Up and Let's Encrypt. They discuss the creation and impact of Divvi Up, a privacy-preserving metrics aggregation service, and its role in protecting individual data while providing valuable insights to organizations. They share the journey from collaborating with Google and Apple on COVID-19 exposure notifications to enhancing privacy for Firefox users. The conversation also explores the importance of TLS certificates provided by Let's Encrypt and the challenges and advancements in the realm of online privacy. 00:00 Introduction and Guest Introductions 01:22 Overview of DivviUp 02:29 Privacy Concerns and Data Security 06:18 Real-World Applications and Examples 11:28 Technical Details and Protocols 19:53 Open Source and Community Involvement 20:39 Conclusion and Final Thoughts Guests: Sarah Gran is the Vice President of the Brand and Donor Development team at Internet Security Research Group ( ISRG ), the nonprofit entity behind Let's Encrypt , the world's largest certificate authority. Sarah joined ISRG in early 2016, shortly after the Let’s Encrypt launch and has helped it become a household name in software development. Sarah has also helped to shape ISRG’s latest projects, one focused on bringing memory-safe code to security-sensitive software, called Prossimo , and a privacy-respecting metrics service, called Divvi Up .Sarah is an independent member of the Tor Project’s Board of Directors. Previously, Sarah worked as a Vice President at Edelman SF and Deutsch NY in brand and communications strategy groups. Brandon Pitman is the Senior Software Engineer for Divvi Up and has a Master’s in Computer Science from Georgia Tech. Prior to ISRG, they worked at Google on a variety of Security, Privacy, and Green Energy projects. Bran came to ISRG to be a part of improving the privacy stance of the Internet as a whole.…

Open at Intel

1
ROI in Open Source Contributions 21:23

לפני 17 weeks21:23

21:23

In this episode, Katherine Druckman speaks to Alex Scammon, who leads the Open Source Program Office (OSPO) at G Research. Alex discusses the company's significant contributions to open source projects and their unique operating model. He covers the success of Armada, a CNCF sandbox project for multi-cluster batch scheduling, and the considerable efforts of G Research’s OSPO, which includes 30 engineers dedicated to direct open source contributions. Alex also shares insights on the benefits of supporting open source projects, the complexities of project prioritization, and the collaborative efforts in the open source community. The episode emphasizes the importance of sustainable open source involvement and offers a glimpse into G Research's mission to use AI and ML tools to drive financial market predictions. 00:00 Introduction and Guest Welcome 00:08 Overview of Alex's Role and OSPO 03:27 Importance of Open Source Contributions 04:37 Prioritizing Projects and G Research 07:27 Challenges and Collaboration 12:43 Personal Journey in Open Source 18:09 Encouraging Open Source Contributions Guest: Alex Scammon: Currently, I'm leading a large and intrepid band of open-source engineers engaged in a number of philanthropic upstream contributions on behalf of G-Research. All of our work centers around open-source data science and machine learning tools and the MLOps and HPC infrastructure to support those tools at scale. We're almost certainly hiring.... As part of this work, I'm also leading a discussion around batch scheduling on Kubernetes as the chair of the CNCF's Batch Working Group. Please reach out if this is an area of interest for you -- we'd love to have more voices at the table!…

Open at Intel

1
Cloud Native at the Edge 21:49

לפני 18 weeks21:49

21:49

In this episode, Mark Abrams discusses his role at SUSE as a domain solution architect specializing in edge computing. He shares insights on leveraging Kubernetes for edge solutions, the evolution of the open source community, and the importance of contributing to open source projects. They also touch upon the complexities and opportunities in cloud native technologies, the impact of AI, and future developments in edge computing and the open source ecosystem. 00:00 Introduction and Setting the Scene 00:50 Mark's Role and Interests at KubeCon 02:08 Discussing the New Book: Cloud Native Edge Essentials 03:43 The Evolution of Kubernetes and Cloud Native 05:58 Challenges and Solutions in Edge Computing 08:01 Open Source Community and Contributions 14:42 Future of Edge and AI Integration 20:20 Conclusion and Final Thoughts Guest: Mark Abrams has been involved in developing and delivering technology solutions for over 25 years. Mark has broad experience ranging from writing code for backend services, embedded systems, and user interfaces to managing and building technical teams and field activities around pre-sales engineering. Mark founded and led a technology enterprise using distributed methodologies before the modern day cloud existed. Mark was a part of the original team that brought k3s - the lightweight kubernetes - to market. Mark is currently a proud member of the Domain Solutions Architect's team at SUSE.…

Open at Intel

1
The Open Source AI Definition 20:36

לפני 21 weeks20:36

20:36

In this episode, Katherine speaks with Nick Vidal, Community Manager at the Open Source Initiative (OSI), about his role and the organization's work in defining open source AI. Nick shares insights into the challenges and discussions surrounding AI, software licenses, and the necessity for clear definitions and community consensus. He also elaborates on the Clearly Defined project aimed at securing the software supply chain and the importance of community feedback in evolving the OSI's stance on open source AI. 00:00 Introduction and Guest Introduction 00:37 Nick Vidal's Role at OSI 01:04 Community Involvement and Challenges 03:43 Defining Open Source AI 06:21 Handling Feedback and Criticism 13:14 Overview of Open Source AI Definition 16:16 Future Plans and Community Involvement 18:09 Closing Remarks and Invitation to Join Resources: The Open Source AI Definition Guest: Nick Vidal is Community Manager at the Open Source Initiative and former Outreach Chair at the Confidential Computing Consortium from the Linux Foundation. Previously, he was the Director of Community and Business Development at the Open Source Initiative and Director of Americas at the Open Invention Network.…

Open at Intel

1
Empowering Enterprises: OPEA, AI, and the Future of Storage 16:06

לפני 22 weeks16:06

16:06

In this episode, Daniel Valdivia, an engineer from MinIO, discusses his participation at KubeCon and his work in Kubernetes integrations and AI initiatives. We discussed the significance of object storage standardization via the Open Platform for Enterprise AI (OPEA) , emphasizing the flexibility and scalability of MinIO's offerings. Daniel highlights MinIO's contributions to open source projects like PyTorch and Spark and shares insights on new hardware technologies like PCIe Gen 5. Daniel also announces the launch of MinIO's new AI store, designed to empower enterprises to efficiently manage exascale infrastructure and AI pipelines. 00:00 Introduction 00:13 Meet Daniel Valdivia: Engineer at Minio 00:24 The Importance of Kubernetes Integrations 00:43 Intel's Open Platform for Enterprise AI 00:58 MinIO's Unique Object Storage Solutions 01:56 Community Participation and Contributions 02:18 Ensuring Compatibility with AI Hardware 03:20 The Role of OPEA in Enterprise AI 05:56 Open Source Contributions and Challenges 09:12 Future of AI and Hardware Innovations 13:23 Big Announcement 14:40 Conclusion and Final Thoughts Guest: Daniel Valdivia is an engineer with MinIO where he focuses on Kubernetes, ML/AI and VMware. Prior to joining MinIO, Daniel was the Head of Machine Learning for Espressive. Daniel has held senior application development roles with ServiceNow, Oracle and Freescale. Daniel holds a Bachelor of Engineering from Tecnológico de Monterrey, Campus Guadalajara and Bachelor of Science in Computer Engineering from Instituto Tecnológico y de Estudios Superiores de Monterrey.…

Open at Intel

1
Inside CISA: Enhancing Cybersecurity Through Collaboration and Open Source Initiatives 21:16

לפני 23 weeks21:16

21:16

In this episode, Jack Cable, Senior Technical Advisor at CISA, discusses the agency's role in securing the technology ecosystem, particularly focusing on open source software security. Jack explains what CISA is, its mission to protect critical infrastructure, and the significance of the 'Secure by Design' initiative. The conversation covers the collaboration efforts with the open source community, resources available for developers, and the importance of integrating security into software development. Jack also shares his personal journey into cybersecurity and emphasizes empowering developers to enhance security measures from the start. 00:00 Introduction 00:45 What is CISA? 01:26 CISA's Mission and Mandate 02:51 CISA's Role in Open Source Security 03:55 Collaborations and Initiatives 05:18 Open Source as Critical Infrastructure 07:11 Secure by Design and Developer Resources 10:41 Jack Cable's Journey into Cybersecurity 12:52 Empowering the Open Source Community 17:11 Bridging the Gap Between Developers and Security Communities 19:24 Conclusion and Final Thoughts Resources: Secure by Design CISA on Open Source Security Guest: Jack Cable is a Senior Technical Advisor at CISA, where he helps lead the agency’s work on open source software security and Secure by Design. At CISA, Jack authored CISA’s Open Source Software Security Roadmap and has co-led community efforts to standardize the security of package repositories. Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. There, Jack was the principal author of the Securing Open Source Software Act. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.…

Open at Intel

1
AI, Community, and the Future of Generative Applications 20:53

לפני 24 weeks20:53

20:53

In this engaging conversation at the All Things Open conference, Tim Spann, Principal Developer Advocate at Zilliz, discusses the importance of community collaboration in advancing AI technologies. He emphasizes the need for diverse perspectives in solving complex problems and highlights his work with the Milvus open source vector database. Tim also explains the evolving landscape of retrieval augmented generation (RAG) and its applications and shares insights into the future of AI development. The conversation concludes on a lighter note with Tim describing his creative use of Milvus in a fun Halloween project to catalog and identify ghosts. 00:00 Introduction 00:41 Meet Tim Spann: Principal Developer Advocate 01:35 The Importance of Community in AI 02:56 Advanced RAG and Multimodal Models 06:17 The Future of Agentic RAG 09:04 Challenges and Excitement in AI Development 13:35 Building AI the Right Way 17:50 Fun with AI: Capturing Ghosts 19:24 Conclusion and Final Thoughts Guest: Tim Spann is a Principal Developer Advocate for Zilliz and Milvus. He works with Apache NiFi, Apache Kafka, Apache Pulsar, Apache Flink, Flink SQL, Apache Pinot, Trino, Apache Iceberg, DeltaLake, Apache Spark, Big Data, IoT, Cloud, AI/DL, machine learning, and deep learning. Tim has over ten years of experience with the IoT, big data, distributed computing, messaging, streaming technologies, and Java programming. Previously, he was a Principal Developer Advocate at Cloudera, Developer Advocate at StreamNative, Principal DataFlow Field Engineer at Cloudera, a Senior Solutions Engineer at Hortonworks, a Senior Solutions Architect at AirisData, a Senior Field Engineer at Pivotal and a Team Leader at HPE. He blogs for DZone, where he is the Big Data Zone leader, and runs a popular meetup in Princeton & NYC on Big Data, Cloud, IoT, deep learning, streaming, NiFi, the blockchain, and Spark. Tim is a frequent speaker at conferences such as ApacheCon, DeveloperWeek, Pulsar Summit and many more. He holds a BS and MS in computer science.…

Open at Intel

1
Growing the Helm Community 23:29

לפני 25 weeks23:29

23:29

In this episode, Matt Butcher, CEO of Fermyon and a creator of the Helm project, returns to discuss his work with Helm—a nearly ubiquitous project in Kubernetes management. Matt provides insights into Helm's evolution from version 2 to version 3 and shares his vision for Helm 4. He emphasizes the importance of maintaining stability while embracing necessary changes and highlights the role of community contributions in open source projects like Helm. The conversation covers the new features and architectural changes planned for Helm 4, as well as how individuals can get involved in its development. Matt reflects on the significance of fostering a supportive and inclusive community and encourages new contributors to join the effort, noting the current opportune moment to influence Helm's future. 00:00 Introduction 00:37 The Helm Project 01:08 WebAssembly and Spin 3 01:54 Helm's Evolution and Future 04:22 Philosophy Behind Helm 4 11:35 Community Involvement and Contribution 18:46 Encouraging New Contributors Guest: Matt Butcher is co-founder and CEO of Fermyon, the serverless WebAssembly in the cloud company. He is one of the original creators of Helm, Brigade, CNAB, OAM, Glide, and Krustlet. He has written or co-written many books, including Learning Helm and Go in Practice. He is a co-creator of the Illustrated Children’s Guide to Kubernetes series. These days, he works mostly on WebAssembly projects such as Spin, Fermyon Cloud and Bartholomew. He holds a Ph.D. in Philosophy. He lives in Colorado, where he drinks lots of coffee.…

Open at Intel

1
Trust, Value, and Open Source: Inside Open Source Databases 23:22

לפני 26 weeks23:22

23:22

In this episode, Ann Schlemmer, CEO of Percona, discusses the company's 18-year journey rooted in open source principles, customer-centric approaches, and performance enhancements. She describes Percona's solutions for major databases like MySQL, MongoDB, Postgres, and their recent venture into the Redis space with the Valkey project. Anne emphasizes the importance of offering open source alternatives to proprietary licenses, maintaining trust and value with customers, and the need for businesses to contribute to and sustain the open source community. She also touches on the future of open source business models, the impact of security considerations, and how the open source ecosystem can adapt and evolve in the coming years. 00:00 Introduction and Welcome 00:14 Overview of Percona 01:33 Importance of Open Source Alternatives 02:45 Challenges in the Open Source Database Landscape 06:43 Percona's Community Contributions 09:01 Sustainability and Governance in Open Source 15:36 Future of Open Source Business Models 19:55 Unexpected Uses and Innovations Guest: Ann Schlemmer is the CEO of Percona, a leader in open source database software, support and services. In this role, Schlemmer builds upon Percona’s legacy of open source excellence, leading the company on its mission to help businesses make databases and applications run better through a unique combination of expertise and open source software. Having joined Percona in 2013, Schlemmer has held various leadership positions in the organization, including President, General Manager, Vice President of Customer Success, and Senior Director of Consulting.…

Open at Intel

1
Open Source Observability 28:37

לפני 27 weeks28:37

28:37

In this episode, Katherine Druckman interviews Dotan Horvits, a CNCF ambassador involved in the cloud native and open source community. Dotan shares insights on his passion for DevOps, observability, and his podcast 'Open Observability Talks.' He discusses his recent focus on CI/CD observability within the CNCF realm, the value and challenges of standardizing observability in release pipelines, and the role of AI in future observability improvements. The conversation also touches on the importance of developer experience, the evolving landscape of observability, and upcoming advancements in projects like Jaeger and Prometheus. Dotan emphasizes the importance of open source collaboration and invites listeners to get involved in related communities and projects. 00:00 Introduction 00:29 Dotan's Background and Experience 02:49 Current Projects and Passions 03:05 CI/CD Observability and OpenTelemetry 08:06 Developer Experience and Productivity 13:49 The Impact of AI on Observability 20:48 Future of Observability and Industry Trends Guest: Dotan Horovits lives at the intersection of technology, product and innovation. With over 20 years in the hi-tech industry as a software developer, a solutions architect and a product manager, he brings a wealth of knowledge in cloud and cloud-native solutions, DevOps practices and more. Horovits is an international speaker and thought leader, as well as an Ambassador of the Cloud Native Computing Foundation (CNCF). He runs the successful OpenObservability Talks podcast, where he evangelizes on Observability in IT systems using popular open source projects such as Prometheus, OpenSearch, Jaeger and OpenTelemetry.…

Open at Intel

1
Democratizing AI: Collaborative AI Development with InstructLab 20:53

לפני 28 weeks20:53

20:53

In this episode, we have an insightful discussion with Carol Chen from Red Hat at the All Things Open conference. Carol, who works in the Open Source Program Office at Red Hat, shares her experiences and insights on her ongoing project, InstructLab, a collaboration with IBM aimed at applying open source methods to building and training large language models. The conversation covers the importance of democratizing AI, reducing the fear and misconceptions surrounding AI technology, and making AI tools and concepts more accessible and understandable for everyone, including those who are not tech-savvy. Carol also discusses the social responsibility associated with AI development, emphasizing the need for transparency and community collaboration. 00:00 Introduction and Welcome 00:17 Carol's Background and Role at Red Hat 01:00 AI and Open Source 03:13 Challenges and Opportunities in AI 06:43 InstructLab: Making AI Accessible 12:09 Personal Journey into AI 15:37 AI Ethics and Open Source Resources: Applying Open Source Methods to Building and Training Large Language Models - Carol Chen & JJ Asghar Guest: Carol Chen is a Community Architect at Red Hat, supporting and promoting various upstream communities such as InstructLab, Ansible and ManageIQ. She has been actively involved in open source communities while working for Jolla and Nokia previously. In addition, she also has experiences in software development/integration in her 12 years in the mobile industry. Carol has spoken at events around the world, including DevConf.CZ in Czech Republic and OpenInfra Summit in China. On a personal note, Carol plays the Timpani in an orchestra in Tampere, Finland, where she now calls home.…

Open at Intel

1
Bridging the Gap: Open Source Security and Web Development 25:30

לפני 30 weeks25:30

25:30

In this episode, Dan Applequist of Samsung explores the intersection of open source security and web development. Drawing from his extensive experience with the World Wide Web Consortium (W3C) and initiatives like Open Source Security Foundation (OpenSSF) and C2PA, Dan discusses the challenges and opportunities of uniting the open source security community with web developers. Emphasis is placed on the critical importance of mobile security, considering the sensitive information on mobile devices and industry best practices such as OWASP guidelines. The conversation also highlights the importance of security education, referencing resources like OpenSSF Security 101 and OWASP's global meetups. Additionally, media authenticity through protocols like C2PA and the role of organizations such as the BBC in this domain are discussed. The episode concludes with recommendations for developers to enhance their security practices through continuous learning and community engagement. 00:00 Introduction 00:25 Dan's Role at Samsung and Open Source Contributions 00:45 Web Standards and Privacy Initiatives 04:20 Bridging Web Development and Open Source Security 08:08 Challenges in Web and Mobile Security 09:26 The Importance of Mobile Security 11:40 Threat Models and Security Concerns 12:05 Protecting Yourself and Your Data 12:38 Web Security Best Practices 13:46 Challenges for Web Developers 15:28 Open SSF and W3C Collaboration 17:36 Expanding Security Education 19:44 The Importance of Media Authenticity 22:25 Final Thoughts and Future Discussions Resources: W3C SWAG Group: https://www.w3.org/community/swag/ - and GitHub repo https://github.com/w3c-cg/swag with meeting minutes Last year's W3C / OpenSSF/ OWASP / OpenJS "Secure the Web Forward" workshop: https://www.w3.org/2023/03/secure-the-web-forward/ (includes videos of all talks and workshop report) W3C Ethical Web Principles https://www.w3.org/TR/ethical-web-principles/ W3C Privacy Principles https://www.w3.org/TR/privacy-principles/ W3C Security & Privacy self-check https://www.w3.org/TR/security-privacy-questionnaire/ Guest: Dan Appelquist is Open Source Strategist at Samsung Open Source Group. He is a web & mobile industry veteran and long-time participant and leader in open source and open standards. He has been co-chair of the W3C Technical Architecture Group for the last ten years. He was an early web pioneer and "dot-com CTO." He's led efforts at Vodafone, Telefónica, Samsung and the UK Government relating to open standards and the open web. You may find him on the Fediverse at @ torgo@mastodon.social .…

Open at Intel

1
From Fear to Confidence: Navigating Open Source Security 25:20

לפני 32 weeks25:20

25:20

In this episode, we welcomed back Christopher Robinson, aka CRob, to discuss his extensive work in the Open Source Security Foundation (OpenSSF). We chatted about the importance of open source software security, detailing the various initiatives aimed at improving security standards. CRob shares insights into the working groups and projects within OpenSSF, focusing on their efforts to educate developers and security researchers. We also touched on the upcoming SOSS Fusion event, and its role in fostering community engagement and collaboration in open source security. We encourage listeners to join these endeavors and contribute to solving significant security challenges. 00:00 Welcome Back, CRob! 00:52 Diving into Open Source Security 01:20 Understanding the OpenSSF 04:18 Key Personas in Open Source Security 09:44 Educational Resources for Developers 12:17 Getting Involved with OpenSSF Projects 15:27 Upcoming Event: SOSS Fusion 17:47 The Value of Open Source Events 21:48 Final Thoughts and Future Plans Resources: OpenSSF SOSS Fusion Guest: Christopher Robinson (aka CRob) is the Director of Security Communications at Intel Product Assurance and Security. CRob is a 41st level Dungeon Master and a 24th level Securityologist. He has worked at several Fortune 500 companies with experience in the Financial, Medical, Legal, and Manufacturing verticals, and spent 6 years helping lead the Red Hat Product Security team as their Program Architect. CRob has been a featured speaker at Gartner’s Identity and Access Management Summit, RSA, BlackHat, DefCon, Derbycon, the (ISC)2 World Congress, and was named a "Top Presenter" for the 2017 and 2018 Red Hat Summits. CRob was the President of the Cleveland (ISC)2 Chapter, and is also a children's Cybersecurity Educator with the (ISC)2 Safe-and-Secure program. He holds a Certified Information Systems Security Professional (CISSP) certification, Certified Secure Software Lifecycle Professional (CSSLP) certification, and The Open Group Architecture Framework (TOGAF) certification. He is heavily involved in the Forum for Incident Response and Security Teams (FIRST) PSIRT SIG, collaborating in writing the FIRST PSIRT Services Framework, as well as the PSIRT Maturity Assessment framework. CRob is also the lead/facilitator of the Open Source Security Foundation (OpenSSF) Vulnerability Disclosures and OSS Developer Best Practices working groups as well as a Technical Advisory Committee (TAC) member. He enjoys hats, herding cats, and moonlit walks on the beach.…

Open at Intel

1
Understanding Milvus: The Power of a Vector Database 26:45

לפני 33 weeks26:45

26:45

In this episode, Steven Batifol, a Developer Advocate at Zilliz, discusses his role in fostering the MLOps community, the significance of vector databases like Milvus , and the importance of open source ecosystems. We covered the excitement of developing creative demos, the challenges facing developers in the AI space, and the rapid advancements in LLMs and AI agents. We even learn some trivia about Germany and fax machines! 00:00 Introduction 00:16 Developer Advocacy 01:02 The MLOps Community in Berlin 01:51 Joining Zilliz and Working with Milvus 04:46 Fun and Creative Demos 10:21 Challenges in the AI/ML Community 13:00 The Importance of Open Source 17:02 Upcoming Open Source Summit Presentation 20:14 Future of AI and LLMs 24:24 Conclusion Guest: Stephen Batifol is a Developer Advocate at Zilliz. He previously worked as a Machine Learning Engineer at Wolt, where he created and worked on the ML Platform, and previously as a Data Scientist at Brevo. Stephen studied Computer Science and Artificial Intelligence. He is a founding member of the MLOps.community Berlin group, where he organizes Meetups and hackathons. He enjoys boxing and surfing.…

Open at Intel

1
What is RAG? 23:08

לפני 35 weeks23:08

23:08

Katherine Druckman talks to fellow Intel Open Source Evangelist Ezequiel Lanza about building and deploying AI applications using Retrieval Augmented Generation. We break down RAG concepts and processes involved in providing additional context to general AI models for specialized use cases. Guest: Passionate about helping people discover the exciting world of artificial intelligence, Ezequiel Lanza is a frequent AI conference presenter and the creator of use cases, tutorials, and guides that help developers adopt open source AI tools.…

Open at Intel

1
Unlocking Developer Potential 35:38

לפני 36 weeks35:38

35:38

Katherine speaks with Demetris Cheatham, the Chief of Staff to the CEO of GitHub, about her unique perspective on the open source landscape. The discussion covers her experiences in various sectors and the impactful 'All In' project created to elevate developers from underrepresented backgrounds. They highlight the significance of community, the power of relationships, and the pivotal role of natural language and AI in making coding more accessible globally. The talk also addresses critical challenges like the digital divide, funding for diversity programs, and the importance of evolving diversity, equity, and inclusion efforts in tech. 00:00 Introduction 00:26 Connecting Through Open Source 02:02 Role and Responsibilities at GitHub 05:06 Diversity and Inclusion Initiatives 09:16 Challenges in Computer Science Education 12:51 Equity and Systemic Change 16:21 The Journey to a Billion Developers 24:07 Building Relationships in Open Source 31:37 Final Thoughts and Takeaways Sitting on GitHub’s Executive Leadership team, Demetris Cheatham is currently the Chief of Staff for the CEO of GitHub, where she acts as the CEO’s trusted partner to move all of software development forward. Demetris is particularly passionate about the evolving nature of open source in the age of AI. Before her time as COS to the CEO, Demetris was Senior Director for Diversity, Inclusion and Belonging Strategy at GitHub, the Global Diversity and Inclusion at Lead at Red Hat, and was the first woman and youngest Executive Director to lead the National Bar Association, the United States’ oldest and largest international network of over 65,000 predominantly African-American attorneys and judges.…

Open at Intel

1
AI Development and Guardrails 35:38

לפני 37 weeks35:38

35:38

Ezequiel Lanza and Katherine Druckman from Intel's Open Ecosystem team chat with Daniel Whitenack, founder and CEO of Prediction Guard. They discuss the importance and implementation of guardrails for securing generative AI platforms and cover the operational challenges and security considerations of running AI models, the concept of responsible AI, and practical advice for integrating guardrails into AI workflows. Additionally, the conversation touches on multi-model integrations, open source contributions, and the significance of vendor-neutral frameworks in achieving a secure and efficient AI ecosystem. 00:00 Introduction 01:28 What is Prediction Guard? 03:31 Understanding Guardrails in AI 06:49 Security Risks and Responsible AI 13:30 Open Source and Model Security 19:00 Open Platform for Enterprise AI 20:26 Contributing to Open Source Projects 27:12 Final Thoughts Guest: Daniel Whitenack (aka Data Dan) is a Ph.D. trained data scientist and founder of Prediction Guard . He has more than ten years of experience developing and deploying machine learning models at scale, and he has built data teams at two startups and an international NGO with 4000+ staff. Daniel co-hosts the Practical AI podcast , has spoken at conferences around the world (ODSC, Applied Machine Learning Days, O’Reilly AI, QCon AI, GopherCon, KubeCon, and more), and occasionally teaches data science/analytics at Purdue University.…

Open at Intel

1
The Fork in the Road: Understanding Community Dynamics 34:15

לפני 38 weeks34:15

34:15

Taylor Dolezal from the Cloud Native Computing Foundation discusses his role as the Head of Ecosystem, working closely with end-users implementing CNCF projects. He shares his open source origin story, tracing back to high school programming experiences. We touched on community dynamics, experiences with project forks, and the evolving landscape of AI and its intersection with open source. We also discuss the importance of sustainability in open source communities and the critical role of vendor neutrality. 00:00 Introduction 01:45 Open Source Origin Story 11:04 Project Forks and Community Dynamics 17:20 HashiCorp and OpenTofu: A Fork in the Road 19:46 Navigating the AI Frontier 23:28 The Challenges of AI Standardization 26:17 The Importance of Vendor Neutrality 28:02 Balancing Priorities in Open Source 29:51 Sustaining Open Source Communities Guest: Taylor Dolezal navigates the cloud native universe with a knack for puns and a keen eye for psychology. Living in the heart of LA, he blends tech innovation with mental insights, one punny cloud at a time. Avid reader, thinker, and cloud whisperer.…

Open at Intel

1
Open Source is Critical Infrastructure 37:13

לפני 39 weeks37:13

37:13

In this episode, we chat with Luis Villa, co-founder of Tidelift , about everything from supporting open source maintainers to coding with AI. Luis, a former programmer turned attorney, shares stories from his early days of discovering Linux, to his contributions to various projects and organizations including Mozilla and Wikipedia. We discussed the critical importance of open source software, the challenges faced by maintainers, including burnout, and how Tidelift works toward compensating maintainers. We also explore broader themes about the sustainability of open source projects, the impact of AI on code generation and legal concerns, and the need for a more structured and community-driven approach to long-term project maintenance. 00:00 Introduction 03:20 Challenges in Open Source Sustainability 07:43 Tidelift's Role in Supporting Maintainers 14:18 The Future of Open Source and AI 32:44 Optimism and Human Element in Open Source 35:38 Conclusion and Final Thoughts Guest: Luis Villa is co-founder and general counsel at Tidelift. Previously he was a top open source lawyer advising clients, from Fortune 50 companies to leading startups, on product development, open source licensing, and other matters. Luis is also an experienced open source community leader with organizations like the Wikimedia Foundation, where he served as deputy general counsel and then led the Foundation’s community engagement team. Before the Wikimedia Foundation, he was with Greenberg Traurig, where he counseled clients such as Google on open source licenses and technology transactions, and Mozilla, where he led the revision of the Mozilla Public License. He has served on the boards at the Open Source Initiative and the GNOME Foundation, and been an invited expert on the Patents and Standards Interest Group of the World Wide Web Consortium and the Legal Working Group of OpenStreetMap. Recent speaking engagements include RedMonk’s Monki Gras developer event, FOSDEM, and as a faculty member at the Practicing Law Institute’s Open Source Software programs. Luis holds a JD from Columbia Law School and studied political science and computer science at Duke University.…

Open at Intel

1
When You Have to Fork a Project: All About Valkey 25:49

לפני 40 weeks25:49

25:49

In this episode, Madelyn Olson, a maintainer of the Valkey project and an AWS engineer, joins us to discuss the life of an open source maintainer and the experiences surrounding the launch of the Valkey project. We cover the pivotal moments that led to the creation of Valkey, a Redis fork, following the Redis license change. Madelyn also shares insights on the challenges and pressures of being a maintainer, strategies to manage burnout, and the significance of creating a community-driven, open source project. The episode highlights the technical advancements and future directions for Valkey, working to leverage modern hardware, manage large clusters, and expand the extension ecosystem. 00:00 Introduction 00:48 Redis License Change and Birth of Valkey 06:17 Maintainer Life and Burnout 14:54 Forking a Repository: When and Why 19:30 Community-Driven Open Source Projects 21:32 Future of Valkey and Closing Remarks Guest: Madelyn Olson is a co-creator and maintainer of Valkey, a high-performance key-value datastore, and Principal Engineer at Amazon Web Services (AWS). She focuses on building secure and highly reliable features, with a passion in working with open-source communities.…

Open at Intel

1
What is the AI Alliance? 33:34

לפני 41 weeks33:34

33:34

In this episode, Intel's open source AI evangelist Ezequiel Lanza and Dave Nielsen from IBM join the discussion to talk about the AI Alliance , a collaborative initiative formed by IBM and Meta in December 2023. We discussed the importance of openness in AI, how it fosters innovation, community involvement, and ensures AI remains safe and trustworthy. We also covered the significance of community in technology development, and upcoming events such as the Open Source AI Demo Night showcasing innovative AI applications. The episode emphasizes the role of open models in making technology more accessible globally. 00:00 Introduction 00:43 What is the AI Alliance? 04:48 The Importance of Openness in AI 11:47 AI for Good and Community Involvement 15:28 Upcoming Events and How to Get Involved Guests: Dave Nielsen represents IBM as the head of community at the AI Alliance, which brings together compute, data, tools, and talent to accelerate and advocate for open innovation in AI. Prior to IBM, Dave led community programs at companies like MongoDB, Harness, Redis and PayPal. Dave is known for creating community events, such as CloudCamp, and for writing the book PayPal Hacks. Passionate about helping people discover the exciting world of artificial intelligence, Ezequiel Lanza is a frequent AI conference presenter and the creator of use cases, tutorials, and guides that help developers adopt open source AI tools.…

Open at Intel

1
The Burden of Security in Software Maintenance 26:37

לפני 42 weeks26:37

26:37

In this episode, John Kjell, Director of Open Source at TestifySec, discusses his involvement in various open source projects and the intricacies of maintaining such projects. John sheds light on his work with the CNCF and OpenSSF , and the impact of tools like Witness , Archivista , and SLSA . He outlines the challenges maintainers face, especially around security, and offers insights into balancing professional and personal responsibilities. John also explores the significance of community, inclusivity, and a secure developer identity in open source ecosystems. 00:00 Introduction and Guest Background 01:20 Maintainer Burnout and Security Challenges 04:41 Balancing Multiple Projects and Personal Life 07:15 Security Risks in Smaller Projects 10:13 Developer Identity and Reputation 19:37 Open Source Origin Story and Community Involvement 24:11 Optimism for the Future of Open Source Security Resources: Enhancing Open Source Security: Introducing Siren by OpenSSF – Open Source Security Foundation Security at Every Step: Why Software Supply Chains Are Critical Guest: John Kjell is responsible for open source at TestifySec, a software supply chain security startup. He is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is an active contributor to CNCF's TAG Security and multiple projects within the OpenSSF. Before TestifySec, John was an engineering leader at VMware, helping to bring supply chain security features to the Tanzu Application Platform.…

Open at Intel

1
Dosu: An AI Tool for Maintaining Code 25:11

לפני 43 weeks25:11

25:11

In this episode, Devin Stein, founder of Dosu , shares his journey from being an active open source user and maintainer to solving maintainer burnout with Dosu, a GitHub app designed to automate and streamline open source project management. He discusses key pain points faced by maintainers, the innovative use of LLMs to enhance task automation, and his partnership with the CNCF to support various projects. Stein reflects on the broader impact of AI in open source maintenance, emphasizing the potential to enhance efficiency and community engagement while preserving the human element in open source development. 00:00 Introduction 02:21 Challenges Faced by Open Source Maintainers 06:53 How Dosu Works 11:39 Partnership with the CNCF 16:39 Future of Open Source and AI Guest: Devin Stein is the CEO and Founder of Dosu. Prior to Dosu, Devin was an early engineer and leader at various startups. Outside of work, he is an active open source contributor and maintainer.…

Open at Intel

1
That Open Source Maintainer Life 30:14

לפני 44 weeks30:14

30:14

Sarah Christoff discusses her experiences and challenges as an open source maintainer with a focus on her work with the Porter and Zarf projects. Sarah shares insights into the frustrations and isolation often felt by maintainers, and emphasizes the importance of community and human connections in navigating these roles. We chatted about of Porter and its function in simplifying complex DevOps tool integrations. Additionally, Sarah talks about Zarf, a project recently donated to the OpenSSF aimed at facilitating air-gapped Kubernetes deployments. 00:00 Introduction 01:29 Challenges of Being an Open Source Maintainer 03:12 The Human Element in Software Development 05:45 Advice for Aspiring Maintainers 08:42 The Porter Project 11:10 The Zarf Project 13:09 The Importance of Community in Open Source 15:31 Women in Tech and Role Models 21:45 Animal Rescue and Community Building 26:10 Final Thoughts and Hot Takes on Open Source Guest: Sarah Christoff is a software engineer at Defense Unicorns who loves making complex code more digestible. She is the self-proclaimed founder of the Leslie Lamport fan club. When she's not bugbusting, she is running her animal rescue and competing in triathlons. She believes code should be like cats: intelligent, fluffy, and easy to take care of.…

Open at Intel

1
Tightening Our Cloud Native Belts: OpenCost for Kubernetes Cost Monitoring 23:00

לפני 46 weeks23:00

23:00

Matt Ray, the community manager for the CNCF sandbox project OpenCost, discusses their cloud and Kubernetes cost monitoring technology. He covers the capabilities of OpenCost in tracking cloud expenses and its new feature for monitoring carbon costs. Matt elaborates on the project's origin, its open source community, and the collaborative effort with other companies like Grafana and Microsoft. The conversation covers the community's growth, contribution processes, and OpenCost's goals for becoming more diverse and integrated with other technologies. Matt also reflects on the increasing interest in cost monitoring and his personal journey in the open source community. 00:00 Introduction to Matt Ray and OpenCost 01:09 OpenCost's Origins and CNCF Contribution 02:25 OpenCost vs. KubeCost: Defining the Boundaries 03:35 Adoption and Integration of OpenCost 04:30 Community Contributions and Project Growth 07:00 Flexibility and Use Cases of OpenCost 13:58 Becoming a Committer and Maintainer 14:47 Community Engagement and Participation 15:25 Future Plans and Focus 16:39 Carbon Cost and Plugin Architecture 17:53 Personal Journey in Open Source Guest: Matt Ray has been active in Open Source and DevOps communities for over two decades and has spoken at and helped organize many conferences and meetups. He is currently the Senior Community Manager at Kubecost for the CNCF Sandbox Project OpenCost. He has worked in and with enterprises and startups across a wide variety of industries including banking, retail, and government. He currently resides in Sydney, Australia after relocating from Austin, Texas. He co-hosts the Software Defined Talk podcast and is active on Mastodon, GitHub, and too many Slacks.…

Open at Intel

1
Fine-Grained Authorization with OpenFGA 22:08

לפני 47 weeks22:08

22:08

Andres Aguiar joins us to discuss OpenFGA, an open source project for managing fine-grained authorization. Andres covers the challenges in implementing authorization and the importance of using precise access controls to enhance security. He outlines the project's journey, use cases, and how it can be integrated into different software environments. The conversation highlights the community's contributions, the roadmap for OpenFGA, and the potential of AI in improving security through centralized logging and anomaly detection. 00:13 Meet Andres and OpenFGA 01:48 Project Maturity and Community 02:55 Adoption and Use Cases 04:43 Contributions and Integrations 05:59 Understanding Relationship-Based Access Control 16:13 Future Roadmap and AI Potential Guest: Andres Aguiar has spent his 20+ year career building tools for developers, wearing different hats. He’s been working on the identity space for the last 6 years, and is currently the Product Manager for OpenFGA.…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.