Episode 73 - Sign of the Times with Google and Sigstore's Dan Lorenc

Dan Lorenc is a Software Engineer at Google and lead for Project Sigstore a Linux Foundation project. Dan talks about his history at google with projects such as skaffold and minikube which inspired his work currently with Project Sigstore. Dan currently works on a cloud native project called Sigstore which is a non-profit, public good software signing & transparency service. Software supply chains are exposed to multiple risks. Users are susceptible to various targeted attacks, along with account and cryptographic key compromise. Keys in particular are a challenge for software maintainers to manage. We talk Software Supply Chain Security and Software Supply Chain Devops along with our mutual love of our home of Upstate NY. Dan provides some valuable advice on how to protect your software supply chain and this is a very fun episode! On June 18th 2021 - we will be holding our first Root Key ceremony on June 18th at 2pm Eastern on June 18th at 2pm Eastern on CloudNative.tv (CNCF twitch). Please join us more details at this link: https://blog.sigstore.dev/a-new-kind-of-trust-root-f11eeeed92ef

Om Podcasten

The POPcast with Dan POP! Join host Dan “Pop” Papandrea as he has conversations with the fascinating people that are driving technology and thought leadership. We cover their personal stories and their journeys including their wins and losses to deep dive into what it is like to lead through technology and new ways of thinking. The POPCAST is one of the world's first open source podcast where some guests and questions are driven through community contributors. Disclaimer: Purely for entertainment/informational purposes.