60 episodes
Left to Our Own Devices
Cybellum Technologies LTD
- Technology
5.0 • 3 Ratings
Introducing Left to Our Own Devices - the podcast dedicated to everything product security.
Every other week, we will be talking with a different cybersecurity policymaker, engineer, or industry leader to hear their war stories and get their insider tips for surviving the product security jungle.
From medical SBOMs to WP.29 and the latest industrial security threats, this is your place to catch up and learn from the pros.
Left to Our Own Devices is brought to you by Cybellum. To learn more, visit Cybellum.com
-
Tom Alrich Returns: Our Vulnerability Problem (Bonus Episode)
In this special bonus episode, we welcome back Tom Alrich, an expert in supply chain cybersecurity, to discuss one of the most pressing issues in cybersecurity right now. Tom discusses the current issues with the National Vulnerability Database (NVD) and the challenges it presents for effective vulnerability management. We explore his proposed solutions and the future of software supply chain security, based on his extensive experience.
If you'd like to reach out to Tom, his email address is tom@tomalrich.com.
Additional links/resources mentioned during the episode or relevant to the discussion (if the links are not clickable please visit cybellum.com/podcasts to find them)
- The SBOM Forum's 2022 white paper on fixing the CPE problem in the NVD
- Tom's post from yesterday on the problem with vulnerability management
- The link to the SBOM Forum's website, where donations can be made (please email Tom before donating)
- An additional post he published on the day we recorded the episode which further highlights the NVD issue
- Tom's book "Introduction to SBOM and VEX" which is out now
Tom also mentioned that he misspoke when he said at the end that the OWASP Vulnerability Database Working Group is meeting twice weekly. In reality, they are only meeting twice monthly, as he can't afford to dedicate more time than that. They would love to meet at least weekly and also create documents, webinars, and more. Therefore, they are seeking some modest donations to support these efforts.
-
Ashwini Siddhi: From Dell to GoDaddy
Join us as we dive into the journey of Ashwini Siddhi, Director of Product Security Engineering at GoDaddy. Ashwini shares her experiences from Dell to GoDaddy, her expertise in threat modeling, and the pivotal role of Bengaluru in her career. We also explore her advocacy for diversity and inclusion in cybersecurity and her influential mentorship with Women in Cyber.
-
Scott Sheahan: From Aerospace to Automotive Cybersecurity
We sat down with Scott Sheahan, the owner of Rustic Security, to learn from his rich background in the automotive cybersecurity world and embedded software development.
-
Dmitri Shifrin: Cybersecurity & AI at NVIDIA
We sat down with a System Security Architecture Manager at NVIDIA to discuss the convergence of automotive cybersecurity and AI, as well as NVIDIA's Morpheus Cybersecurity Framework.
-
Chaitanya Mattur Srinivasamurthy: Leading Cybersecurity at ICU Medical
We sat down with the Sr Director of Cyber Security & Medical Device Connectivity Engineering at ICU Medical to discuss medical device cybersecurity, FDA, and balancing innovation and security.
-
Steve Orrin: Leading Cybersecurity at Intel and Beyond
In this episode, we talk to Steve Orrin, Chief Technology Officer and Senior PE at Intel Federal, about his unique journey from biology to cybersecurity leadership. We discuss the main challenges faced by federal bodies in the cybersecurity landscape and how they differ across industries like Aerospace, Education, and Healthcare.
Steve shares valuable insights on product cybersecurity, emphasizing the growing interest from governments worldwide, as seen in regulations like the FDA Premarket Guidance and the Cyber Resilience Act. He offers advice to vendors, suppliers, and users on navigating this evolving regulatory landscape.
Customer Reviews
Perfect themed discussion
Looking forward to understanding thought leadership from different industries and how they are responding to both regulations as well as position leadership in the area of product security.