Rapid7 - [Security Nation] Jacques Chester of Shopify Talks CVSS Scores
In this episode of Security Nation, Shopify Senior Staff Software Developer Jacques Chester joins Jen and Tod to discuss his intriguing paper on CVSS scores and the overall oddness of vulnerability distribution. The trio also dives into Jacques’ journey to understanding how security systems affect people in the real world.
Stick around for our Rapid Rundown, where Tod and Jen discuss PyPI's alert to certain open-source publishers about the institution of 2FA technology on the platform.
Jacques Chester
Jacques is a Senior Staff Software Developer at Shopify in the Ruby & Rails Infrastructure group. He leads work on upstream and community improvements to supply chain security, with a focus on the Ruby ecosystem. Previously he worked in cloud-native platforms and consulting for VMware and Pivotal. He is a cat dad.
Show notes
Interview Links
Rapid Rundown Links
- Bleeping Computer story: PyPI mandates 2FA for critical projects, developer pushes back
- Twitter thread on deleting atomicwrites, and undeleting it
PyPI issues mentioned
- https://github.com/pypi/warehouse/issues/11625
- https://github.com/pypi/warehouse/issues/11805
- https://github.com/pypi/warehouse/issues/11798
Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.
Want More Inspiring Stories From the Security Community?
Subscribe to Security Nation Today
from Rapid7 Blog https://blog.rapid7.com/2022/07/20/security-nation-jacques-chester-of-shopify-talks-cvss-scores/