March 16, 2022

How to Recover from the Log4j Supply Chain Attack with Ilkka Turunen

How to Recover from the Log4j Supply Chain Attack with Ilkka Turunen

In this episode of the HackerNoon Podcast, Amy Tom sits down with Ilkka Turunen to talk about Supply Chain Security. They go over the Log4J incident that made a lot of apps built-in Java vulnerable to exploitation, what it means to be a field CTO, how co...

Apple Podcasts podcast player badge
Spotify podcast player badge
Google Podcasts podcast player badge
Overcast podcast player badge
Castro podcast player badge
PocketCasts podcast player badge
Audible podcast player badge
Amazon Music podcast player badge
Stitcher podcast player badge
Castbox podcast player badge
Pandora podcast player badge
TuneIn podcast player badge
Spreaker podcast player badge
Podcast Addict podcast player badge
Podchaser podcast player badge
Soundcloud podcast player badge
RSS Feed podcast player badge

In this episode of the HackerNoon Podcast, Amy Tom sits down with Ilkka Turunen to talk about Supply Chain Security. They go over the Log4J incident that made a lot of apps built-in Java vulnerable to exploitation, what it means to be a field CTO, how companies can place themselves to collect user feedback, and a lot more!

 

Ilkka Turunen is the Field CTO of https://www.sonatype.com/ (Sonatype).

 

On this episode of the HackerNoon Podcast, Amy Tom and Ilkka Turunen chat about:

  • What is a field CTO anyways? 🤔 (01:20)
  • How do you stay in the loop on customer needs and feedback? ➿ (05:19)
  • How has Ikka’s job as a field CTO changed since the pandemic started? 😷 (07:30)
  • Supply chain attacks have increased since the pandemic started. How have Sonatype’s customers and the business changed over this period? 🧰 (08:53)
  • Breaking down how the executive order by Biden’s administration regarding supply chains is affecting the software industry ⚙️ (10:06)
  • What is the best way to mitigate supply chain risk? ⚠️ (11:49)
  • Getting into vendor due diligence as mitigation of supply chain risk 🚩(17:22)
  • Learnings from the Log4J incident 📝 (22:44)
  • Why are 40% of Log4J downloads still the old vulnerable versions? ☢️ (25:47)

 

Log4J vulnerability resource center:

 

Find Ilkka Turunen online:

 

Learn more about HackerNoon: