DevelopersDevOpsFeaturedLet's TalkOpen SourceSecurity

Eyeballs Alone Are Not Enough For Open Source Security: Rob Hirschfeld, RackN

0

Guest: Rob Hirschfeld (LinkedIn, Twitter)
Company: RackN (Twitter)
Show: Let’s Talk

2021 has been a very interesting year because of not just the pandemic that disrupted many businesses and norms and created a new culture for future workforce but also the impact it had on open source. In this episode of Let’s Talk, I sat down with Rob Hirschfeld, CEO and Co-Founder of RackN, to talk about the changes we saw in the open source world in 2021.

Here are some key takeaways from this discussion:

  • Rob, if I ask you to reflect on 2021, what’s going on with open source? How are things changing? Are they getting better or worse? 

“I think that people are looking at open source as not the answer to every problem, which is potentially the most healthy thing that we can have.”

  • So how has open source contributed to the emergence of new companies? It doesn’t take months or years to start a new tech company these days.

“I think that it is important to think of open source as a development model where you have communities helping do development. It’s also as much an ecosystem model where you build up an ecosystem.”

  • Major changes at one of the biggest open source communities like Kubernetes?

“I see a lot of places where people have a green light to build things in Kubernetes, or on top of Kubernetes, which is very healthy for an ecosystem. You can come to market as a Kubernetes product and not be questioned, which means that Kubernetes has reached a critical mass for how things are going.”

  • Do enough eyeballs make things secure?

“Even having users doesn’t. It’s eyeballs, but it’s also usage. And so we can’t make the assumption that just because something has a massive ecosystem and is widely used that it’s automatically more secure than something else.”

  • Looking at these security news related to open source, what can open source projects do for better security posture?

“None of that technology (open source) comes with the processes and practices that ensure that you can update, patch, deploy and fix. Those are things that are still on the users, they’re still on the operators. When we look at customers wanting to use open source technologies better, they need to be prepared to update, migrate, change, fix, adapt.”

  • Understanding open source is a software supply chain 

“It’s a supply chain. This is the thing that I think we’ve been learning over and over again, is that you need to be aware of the supply chain of your business. And the software and the infrastructure is part of that supply chain.”

  • How do players like RackN make open source more consumable?

“What we do with an infrastructure pipeline is we put together a lot of pieces as a system and take a very systematic view of it. And that allows you to roll through changes. You become insulated from changes to HashiCorp or from Linux, or from IPMI or Redfish vendors, or hardware, software, or clouds.”

Read Transcript
 

Don't miss out great stories, subscribe to our newsletter.

Kubernetes Dominates Container Management: Platform9 Report

Previous article

Coalesce Emerges From Stealth Mode With $5.92 Million In Seed Funding

Next article
Login/Sign up