How to Recover from the Log4j Supply Chain Attack with Ilkka Turunen
3/16/2022
In this episode of the HackerNoon Podcast, Amy Tom sits down with Ilkka Turunen to talk about supply chain security. They go over the Log4J incident that made a lot of apps built in Java vulnerable to exploitation, what it means to be a field CTO, how companies can position themselves to collect user feedback, and a lot more!
Ilkka Turunen is the Field CTO of Sonatype (https://www.sonatype.com/).
On this episode of the HackerNoon Podcast, Amy Tom and Ilkka Turunen chat about:
- What is a field CTO anyways? 🤔 (01:20)
- How do you stay in the loop on customer needs and feedback? ➿ (05:19)
- How has Ilkka’s job as a field CTO changed since the pandemic started? 😷 (07:30)
- Supply chain attacks have increased since the pandemic started. How have Sonatype’s customers and the business changed over this period? 🧰 (08:53)
- Breaking down how the executive order by Biden’s administration regarding supply chains is affecting the software industry ⚙️ (10:06)
- What is the best way to mitigate supply chain risk? ⚠️ (11:49)
- Getting into vendor due diligence as mitigation of supply chain risk 🚩 (17:22)
- Learnings from the Log4J incident 📝 (22:44)
- Why are 40% of Log4J downloads still the old vulnerable versions? ☢️ (25:47)
Log4J vulnerability resource center:
Find Ilkka Turunen online:
Learn more about HackerNoon:
- To read HackerNoon stories, check out hackernoon.com
- To apply for a position, check out https://careers.hackernoon.com/
- To participate in HackerNoon writing contests, check out https://hackernoon.com/u/hackernooncontests