This Week in News: Vulnerability Disclosure, Microservices Architecture
Hello, welcome to The New Stack Context, a podcast where we review the week’s hottest news in cloud-native technologies and at-scale application development, as well as look ahead to topics we expect will gain more attention in coming weeks.
On this week’s episode, TNS security correspondent Lucian Constantin joins us to talk about how companies can and should handle security reports. His latest story on this subject is based on a recent survey of 1,700 bug bounty participants on HackerOne. The survey revealed that one in four ethical hackers have had cases where they eventually gave up on reporting vulnerabilities because the affected vendors didn’t respond to the issues. And this wasn’t because of a lack of trying to contact those organizations. Constantin explains how your company can set up a good vulnerability reporting policy so you’ll learn about vulnerabilities from ethical hackers first before customer data end up for sale on the underground market.
Then, later in the episode, managing editor Joab Jackson talked about the O’Reilly Software Architecture conference he attended in New York this week. He heard a lot about event-driven microservices and got a preview of Camunda, a workflow engine for coordinating complex arrangements of microservices.
- How a Vulnerability Disclosure Policy Keeps Your Security Flaws off the Dark Web
- Equifax Data Breach Shows the Perils of Not Patching in a Timely Manner
- Mesosphere’s Data Center Operating System Will Soon Offer a Managed Kubernetes
- Harness.io: For Moving Fast and Not Breaking Things
- Off-The-Shelf Hacker: Before ‘Open Source,’ There Was Unix
- Microservices: It’s All About the Events
Feature image via Pixabay.