tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

Breach analysis is one of my favorite topics to dive into, and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

Topic Segment - Should the US Go on the Cyber Offensive?

Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

News Segment

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-417
