{"id":15035,"date":"2023-05-16T02:00:40","date_gmt":"2023-05-16T09:00:40","guid":{"rendered":"https:\/\/softwareengineeringdaily.com\/?p=15035"},"modified":"2023-08-28T16:36:26","modified_gmt":"2023-08-28T23:36:26","slug":"software-supplychain","status":"publish","type":"post","link":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/","title":{"rendered":"Software Supply Chain with Feross Aboukhadijeh"},"content":{"rendered":"

\"\"<\/a>The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers.<\/p>\n

Socket<\/a> is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security in a stagnant part of the industry that has historically been obsessed with just reporting on known vulnerabilities.<\/p>\n

Feross<\/a> is the Founder and CEO of Socket Security, and he joins us today.<\/p>\n

\n
This Interview was\u00a0recorded at\u00a0Open Source Summit North America<\/a> and wouldn’t have been possible without the generous support from<\/div>\n
The Linux Foundation<\/a>.<\/div>\n<\/div>\n
\"\"\u1427<\/span><\/div>\n

 <\/p>\n

\"\"<\/a>Jordi Mon Companys<\/span><\/a> is a product manager and marketer that specializes in software delivery, developer experience, cloud native and open source. He has developed his career at companies like GitLab, Weaveworks, Harness and other platform and devtool providers. His interests range from software supply chain security to open source innovation. You can reach out to him on Twitter at <\/span>@jordimonpmm<\/span><\/a><\/p>\n

\n

Sponsorship inquiries: sponsor@softwareengineeringdaily.com<\/a><\/p>\n<\/div>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new<\/p>\n","protected":false},"author":3,"featured_media":15037,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[1363,2143,5755,5763,14,1083,1],"tags":[5725,112,5726,5322],"class_list":["post-15035","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-all-episodes","category-exclusive-content","category-hosts","category-jordi-mon-companys","category-podcast","category-security","category-uncategorized","tag-feross-aboukhadijeh","tag-security","tag-socket","tag-software-supply-chain"],"jetpack_publicize_connections":[],"acf":[],"yoast_head":"\nSoftware Supply Chain with Feross Aboukhadijeh - Software Engineering Daily<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Software Supply Chain with Feross Aboukhadijeh - Software Engineering Daily\" \/>\n<meta property=\"og:description\" content=\"The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new\" \/>\n<meta property=\"og:url\" content=\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\" \/>\n<meta property=\"og:site_name\" content=\"Software Engineering Daily\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-16T09:00:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-28T23:36:26+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1218\" \/>\n\t<meta property=\"og:image:height\" content=\"646\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"SE Daily\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@software_daily\" \/>\n<meta name=\"twitter:site\" content=\"@software_daily\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"SE Daily\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\"},\"author\":{\"name\":\"SE Daily\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/822f06fe7d6f895baba29a9c0a3aa6c8\"},\"headline\":\"Software Supply Chain with Feross Aboukhadijeh\",\"datePublished\":\"2023-05-16T09:00:40+00:00\",\"dateModified\":\"2023-08-28T23:36:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\"},\"wordCount\":192,\"publisher\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1\",\"keywords\":[\"Feross Aboukhadijeh\",\"Security\",\"Socket\",\"Software Supply Chain\"],\"articleSection\":[\"All Content\",\"Exclusive Content\",\"Hosts\",\"Jordi Mon Companys\",\"Podcast\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\",\"url\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\",\"name\":\"Software Supply Chain with Feross Aboukhadijeh - Software Engineering Daily\",\"isPartOf\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1\",\"datePublished\":\"2023-05-16T09:00:40+00:00\",\"dateModified\":\"2023-08-28T23:36:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1\",\"width\":1218,\"height\":646},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/softwareengineeringdaily.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Software Supply Chain with Feross Aboukhadijeh\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#website\",\"url\":\"https:\/\/softwareengineeringdaily.com\/\",\"name\":\"Software Engineering Daily\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/softwareengineeringdaily.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#organization\",\"name\":\"Software Engineering Daily\",\"url\":\"https:\/\/softwareengineeringdaily.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2024\/01\/cropped-sed_website_banner.png?fit=549%2C169&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2024\/01\/cropped-sed_website_banner.png?fit=549%2C169&ssl=1\",\"width\":549,\"height\":169,\"caption\":\"Software Engineering Daily\"},\"image\":{\"@id\":\"https:\/\/softwareengineeringdaily.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/software_daily\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/822f06fe7d6f895baba29a9c0a3aa6c8\",\"name\":\"SE Daily\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/87cddb92997841dafa04aa675bbdaca4?s=96&d=retro&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/87cddb92997841dafa04aa675bbdaca4?s=96&d=retro&r=pg\",\"caption\":\"SE Daily\"},\"description\":\"The SE Daily podcast.\",\"sameAs\":[\"https:\/\/softwareengineeringdaily.com\"],\"url\":\"https:\/\/softwareengineeringdaily.com\/author\/erikawho\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Software Supply Chain with Feross Aboukhadijeh - Software Engineering Daily","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/","og_locale":"en_US","og_type":"article","og_title":"Software Supply Chain with Feross Aboukhadijeh - Software Engineering Daily","og_description":"The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new","og_url":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/","og_site_name":"Software Engineering Daily","article_published_time":"2023-05-16T09:00:40+00:00","article_modified_time":"2023-08-28T23:36:26+00:00","og_image":[{"width":1218,"height":646,"url":"http:\/\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png","type":"image\/png"}],"author":"SE Daily","twitter_card":"summary_large_image","twitter_creator":"@software_daily","twitter_site":"@software_daily","twitter_misc":{"Written by":"SE Daily","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#article","isPartOf":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/"},"author":{"name":"SE Daily","@id":"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/822f06fe7d6f895baba29a9c0a3aa6c8"},"headline":"Software Supply Chain with Feross Aboukhadijeh","datePublished":"2023-05-16T09:00:40+00:00","dateModified":"2023-08-28T23:36:26+00:00","mainEntityOfPage":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/"},"wordCount":192,"publisher":{"@id":"https:\/\/softwareengineeringdaily.com\/#organization"},"image":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1","keywords":["Feross Aboukhadijeh","Security","Socket","Software Supply Chain"],"articleSection":["All Content","Exclusive Content","Hosts","Jordi Mon Companys","Podcast","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/","url":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/","name":"Software Supply Chain with Feross Aboukhadijeh - Software Engineering Daily","isPartOf":{"@id":"https:\/\/softwareengineeringdaily.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage"},"image":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1","datePublished":"2023-05-16T09:00:40+00:00","dateModified":"2023-08-28T23:36:26+00:00","breadcrumb":{"@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#primaryimage","url":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1","contentUrl":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1","width":1218,"height":646},{"@type":"BreadcrumbList","@id":"https:\/\/softwareengineeringdaily.com\/2023\/05\/16\/software-supplychain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/softwareengineeringdaily.com\/"},{"@type":"ListItem","position":2,"name":"Software Supply Chain with Feross Aboukhadijeh"}]},{"@type":"WebSite","@id":"https:\/\/softwareengineeringdaily.com\/#website","url":"https:\/\/softwareengineeringdaily.com\/","name":"Software Engineering Daily","description":"","publisher":{"@id":"https:\/\/softwareengineeringdaily.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/softwareengineeringdaily.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/softwareengineeringdaily.com\/#organization","name":"Software Engineering Daily","url":"https:\/\/softwareengineeringdaily.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/softwareengineeringdaily.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2024\/01\/cropped-sed_website_banner.png?fit=549%2C169&ssl=1","contentUrl":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2024\/01\/cropped-sed_website_banner.png?fit=549%2C169&ssl=1","width":549,"height":169,"caption":"Software Engineering Daily"},"image":{"@id":"https:\/\/softwareengineeringdaily.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/software_daily"]},{"@type":"Person","@id":"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/822f06fe7d6f895baba29a9c0a3aa6c8","name":"SE Daily","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/softwareengineeringdaily.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/87cddb92997841dafa04aa675bbdaca4?s=96&d=retro&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/87cddb92997841dafa04aa675bbdaca4?s=96&d=retro&r=pg","caption":"SE Daily"},"description":"The SE Daily podcast.","sameAs":["https:\/\/softwareengineeringdaily.com"],"url":"https:\/\/softwareengineeringdaily.com\/author\/erikawho\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/softwareengineeringdaily.com\/wp-content\/uploads\/2023\/05\/socket.png?fit=1218%2C646&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p7GuoD-3Uv","_links":{"self":[{"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/posts\/15035"}],"collection":[{"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/comments?post=15035"}],"version-history":[{"count":0,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/posts\/15035\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/media\/15037"}],"wp:attachment":[{"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/media?parent=15035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/categories?post=15035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/softwareengineeringdaily.com\/wp-json\/wp\/v2\/tags?post=15035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}