Dan Lorenc on fixing the ‘crappy’ CVE ecosystem

Episode sponsors:

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding rounds and VC expectations, fixing the "crappy" CVE and CVSS ecosystems, managing expectations around SBOMs, and how politicians and lobbyists are framing cybersecurity issues in strange ways.

Links:

• SBOMs – All the right ingredients, but something is still missing
• Open Source Development Threatened in Europe
• Chainguard Images: Reduce your attack surface
• Dan Lorenc on LinkedIn
• Dan Lorenc on Twitter/X
• Chainguard Raises $61 Million Series B
• Binarly — Firmware Supply Chain Security Platform — Binarly is the world’s first automated firmware supply chain security platform. Using cutting-edge techniques, Binarly identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.