POPULARITY
Incidents like the Log4j incident and new governmental regulations have forced tech leaders to examine the security of their software supply chain. Understanding the complexities of this is challenging; how can CIOs determine their exposure and prioritize their vulnerabilities? In this conversation, Yadin sits down with Chip Childers, VP Security, Compliance, Open-Source & Privacy Engineering & Chief Open Source Officer at VMware and Jim Mercer, Research Vice President - DevOps & DevSecOps at IDC, to discuss the software supply chain and how CIOs should think about it, in depth. They look at how we became so reliant on the open-source community and the impact of generative AI.Key Quotes:“When you talk about the idea of having to have development resources to do patching, it's those transitive dependencies, honestly, that you may not be able to patch because you're relying on other people's work. That's why understanding this complexity really matters.” - Chip “I don't think a lot of organizations realize how dependent they are on this open source community as we've started to kind of grow out, develop applications and rely so heavily on open source.”- Jim---------Timestamps:(01:15) Why are we concerned about the software supply chain?(05:25) Building complex systems on top of other complex systems(08:15) Realizations from the Log4j incident (11:22) Resulting shifts from new compliance and regulations(16:21) Creative chaos in the software industry (18:48) Reliance on the open-source community (19:23) How can you identify where code is coming from?(20:17) Prioritizing vulnerabilities (23:08) The snowball effect in the supply chain(25:00) How do you understand your exposure?(33:15) The impact of generative AI (37:27) Where should CIOs start heading into board level conversations? --------Links:Chip Childers on LinkedInJim Mercer on LinkedInCIO Exchange on TwitterYadin Porter de León on Twitter[Subscribe to the Podcast] On Apple PodcastFor more podcasts, video and in-depth research go to https://www.vmware.com/cio
It happens once a year: my birthday. However, this one quickly turned into an M Café reunion, with DJs Kevin Ruiz, Mark Cali-Jentes and OB One joining me in the booth, while Wendell Garcia performed by proxy—since his wife was giving birth in the hospital!Spotted in the crowd were Kimmie & Inaki Lamar's, Jade Santos, Sarada & Mike, Audrey Carpio, Kevin & Irene, Chip Childers, Lala Alvarez, Rafael Dominguez, Mike Sinclair, Carsten & Gianna Stormer, John Riad & Shiela Viesca, Mark Jentes & Mona, Lord & Aksana Ancheta, Ron Davis, Edgar Krohn, Ferdi Salvador, Kate Torralba, Antonio Ressano, Francisco & Kimmy Delgado, Morgan & Jasmine Gilvrey, Karen & Freddie Elizalde, Bryan Bambike, Santi Picornell, Martin Wisniewski, Natalie, Sunshine & Ricardo, Fadzly Yusof, Abhi Mohan, Butch Menchaca, Jorge Josef, Shayne Murray, Martin & Jay Block, David Miller, Ana Gonzalez. The event was sponsored by Chivas Regal, photos by Ed Simon, and it was hosted by Mackey Maguigad and my lovely wife Inés. And here's a bit of the playlist from that night!
Chip Childers has been at VMware for six months, during which time he has focused on steering the vendor's use and interaction of open source software platforms and refining its approach to supporting those efforts. These are significant areas of interest for VMware and for Childers' role as VP and chief open source officer at the vendor, which is increasingly interacting with the open source community. “For projects that VMware hosts, we want to make sure that we're very welcoming to participants that want to collaborate with us, but also how do we engage in a really authentic way with open source communities that are out there, maybe at a foundation or owned by another vendor or just even a collective of individuals,” Childers said. “So we spent a lot of time on making sure that VMware has a very thoughtful community strategy and how it engages with these projects.” Those comments build on what Childers said were his initial areas of focus when he took on the role last year. At that time, Childers repeatedly mentioned a need for VMware to be “intentional” with its interactions across the open source community. This work also includes VMware exploring other open source opportunities that it can help foster and in turn help power new VMware services. “We're exploring project communities, we're trying to make a very positive impact in those communities and, frankly, get to the point where those communities are generating software that we think is going to be useful for VMware, either internally or as part of our product strategy,” Childers added. This includes a specific focus on operationalizing machine learning (ML). Childers mentioned projects like Kubeflow, which supports ML stacks running on Kubernetes. Kubeflow is currently under the guise of Google, but is working toward inclusion in the Cloud Native Computing Foundation (CNCF). Childers also touched on the growing need for VMware to work on securing open source ML platforms. He described attack models that can add noise to an image in a way that can trick an ML model into thinking “a banana is an apple.” To counter this, VMware is looking at different projects, with Childers citing the Adversarial Robustness Toolbox project that is currently on GitHub as a potential way to test various threats or attack vectors. “As we look at it we see how important these operational attributes of machine learning are going to be to our customers and, frankly, to the industry writ large,” he added. Listen to more of Childers' insight into VMware's areas of focus in the latest episode of the SDxCentral 7 Layers podcast. Learn more about your ad choices. Visit megaphone.fm/adchoices
An organization that has any ambitions or hopes to scale application deployments across cloud native environments is not going to get very far without automation.From CI/CD support, increasing application deployment speed — often across different environments — and maintaining compliance and security, operations teams manually managing these processes is just not humanly possible after a certain point.In this latest episode of The New Stack Makers podcast, Abby Kearns, Chief Technology Officer and head of R&D, and Chip Childers, Puppet Chief Architect, discussed what automation for infrastructure management for cloud native deployments means for Puppet and for the IT industry. Alex Williams, founder and publisher of TNS, hosted this interview.
Register now: https://bit.ly/3z56C65 Cloud Foundry Foundation will be hosting the next Cloud Foundry Summit Virtual in July this year. We sat down with Chip Childers, Executive Director of the Foundation, to talk about the format of the event and what are some themes and topics we should be looking forward to. Essentially, there will be three tracks throughout the event – the first will be about the end users' stories and experiences, the second will be “How To”, the developers guide for using Cloud Foundry;, and the third track will be “Behind the Curtain” that is all about the interaction between and with the Open Source community who create the Cloud Foundry software. The Foundation will also organize certification exams that have become extremely popular.
Over the last 10 years, Cloud Foundry has grown from “open Heroku clone” to “software used at your bank”. The Cloud Foundry Foundation and the CNCF launched within a few months of each other in 2015, and the two worlds are now colliding as Cloud Foundry replatforms on top of Kubernetes. Our guest this week is the Executive Director of the Cloud Foundry Foundation, Chip Childers. He talks to Adam and Craig about foundations, the boredom of infrastructure, and the cost of every line of code you write. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Memorial Day Spring Bank Holiday Sundar Day Cracking the Cryptic: Sudoku solving and more 4 million views Craig’s favourite: watch Simon’s excitement Guardian article cheat3: Lego puzzle boxes News of the week Istio 1.6 released Multiple control planes WorkloadEntry Azure Arc for Kubernetes now in preview New AKS features GKE introduces Container Threat Detection in Beta TriggerMesh makes EveryBridge available to EveryOne in Preview Introducing KES from MinIO Updates to StackRox Kubernetes security platform OPA survey results Styra DAS adds microservices authorization Episode 101, with Tim Hinrichs and Torin Sandall Rancher Academy Understanding Anthos on Bare Metal from Google Cloud Snyk partners with Docker and Docker partners with Snyk Kubernetes Apply vs. Replace vs. Patch by David Dooling from Atomist Links from the interview DMTF and DTMF 17 year old kids asked to use a rotary phone Apache CloudStack Wikipedia, with history Apache Software Foundation Officers and Project VPs Cloud Foundry Announcement of formation GitHub Wikipedia Boeing B-29 plane Pivotal Software Linux Foundation Collaborative Projects Open Container Initiative April 2020: Chip Childers, CFF CTO, becomes Executive Director Episode 98, with Sam Ramji (the founding CEO/Executive Director of the CFF) Project Eirini: announced by IBM in April 2019 Old architecture: Diego and Garden KubeCF Created at SUSE GitHub cf-for-k8s GitHub Chip Childers on Twitter
KubeCF is an open-source distribution of Cloud Foundry Application Runtime (CFAR) designed to run on top of Kubernetes. The distribution works with the cf-operator from Project Quarks to deploy and manage releases built from cf-deployment, and can be configured to use Kubernetes as the underlying container scheduler using the work of Project Eirini.
This week we spoke with Chip Childers, technology chief of staff at the Cloud Foundry Foundation, about the technical and architectural decisions that help define the modern enterprise. Cloud Foundry Foundation is the independent organization that oversees the development and adoption of the Cloud Foundry platform, and it's a sponsor of The New Stack. More than half of the Fortune 500 uses Cloud Foundry, so the Cloud Foundry Foundation depends on the enterprise using, contributing to, and advancing its open source projects. Childers works closely with developers and CIOs at all of the foundation's member companies, and so he has a deep understanding of what it is that a modern enterprise needs in order to succeed in today's rapidly changing technology landscape. In a recent post for The New Stack, he wrote that “Modern enterprises ... think critically about what they should build themselves and what they should source from somewhere else.”
This week we spoke with Chip Childers, technology chief of staff at the Cloud Foundry Foundation, about the technical and architectural decisions that help define the modern enterprise. Cloud Foundry Foundation is the independent organization that oversees the development and adoption of the Cloud Foundry platform, and it's a sponsor of The New Stack. More than half of the Fortune 500 uses Cloud Foundry, so the Cloud Foundry Foundation depends on the enterprise using, contributing to, and advancing its open source projects. Childers works closely with developers and CIOs at all of the foundation's member companies, and so he has a deep understanding of what it is that a modern enterprise needs in order to succeed in today's rapidly changing technology landscape. In a recent post for The New Stack, he wrote that “Modern enterprises ... think critically about what they should build themselves and what they should source from somewhere else.”
Contents for this episode:• What's New in SAP Cloud Platform since last podcast• What’s happening with SAP Cloud Platform Workflow service and what to expect at TechEd 2018 - with Christian Loos and Stephan Schluchter• Informal chat with Chip Childers and Bernd Krannich @ Cloud Foundry Days Bangalore 2018• Upcoming Events for SAP Cloud Platform – TechEd, TechEd, TechEd…! Your host: Manjunath Baburao Enjoy the show!
This is the content covered in this episode: • What’s new in SAP Cloud Platform• Special interview: Ina Ivanova on Cloud Foundry Day in Sofia with Chip Childers and Bernd Krannich • New segment: “What are YOU talking about?”• Events around the corner Your host: Moya Watson Enjoy the show !
Chris speaks with Chip Childers about the history, use cases and components of Cloud Foundry. https://www.linkedin.com/in/chipchilders/ --- Send in a voice message: https://anchor.fm/theweeklysqueak/message
Aaron and Brian talk to Chip Childers (@chipchilders, VP of Technology @CloudFoundryOrg) about the current status of Cloud Foundry projects, how Microsoft .NET will be integrated, IaaS vs. PaaS, and the CF.org thinking about overall interoperability Interested in the O'Reilly OSCON? Want to register for OSCON now? Use promo code 20CLOUD for 20% off Details to win an OSCON pass coming soon! Check out the OSCON Schedule Free eBook from O'Reilly Media for Cloudcast Listeners! Check out an excerpt from the upcoming Docker Cookbook Topic 1 - From an overall project perspective, what grades would you give Cloud Foundry in terms of stability, core functionality, security, operations, etc? Topic 2 - You were previously involved (directly/indirectly)with CloudStack. As you talk to people in the marketplace, how is it different discussing IaaS vs. PaaS. Topic 3 - How much ability will you have to drive prioritization within sub-projects or new projects? (eg. Security vs. new Languages vs. Interop, etc.) Topic 4 - What’s the CF.org way of thinking about interoperability? Topic 5 - What guidance are you giving the teams in terms of expandability of Cloud Foundry? Architecturally, are there certain places you recommend over other places? Topic 6 - Is there a place for integrating SaaS applications (monitoring, logging, etc.) into Cloud Foundry? Music Credit: Nine Inch Nails (nin.com)
In our last episode of 2013, Duncan Johnston-Watt (@duncanjw), the founder and CEO of Cloudsoft and Chip Childers (@chipchilders), the VP of product strategy at CumuLogic stop by to talk about their respective companies and cloud computing in 2014. Cloudsoft is bringing business to the cloud – their Application Management Platform orchestrates services, platforms and infrastructures to ensure they directly meet the needs of applications, dynamically and in real time. CumuLogic allows service providers to emulate Amazon-style cloud services through abstraction that sits on top of a variety of cloud platforms. Show Timeline: • 0:00 – Introductions and News of the Week • 9:38 – Interview with Duncan Johnston-Watt • 25:30 – Interview with Chip Childers • 41:18 – Wrap up
Aaron speaks with Chip Childers (@chipchilders) for a quick update on Apache CloudStack as well as what's next in IaaS and how to provide services (DBaaS, Message Bus, LBaaS, etc.) above IaaS and what the future may hold.
Aaron talks with Chip Childers (@chipchilders) and David Nalley (@ke4qqq) about why the CloudStack Collab Conference is different from most conferences, the state of Apache CloudStack, user driven communities & what it is like to work in an Apache project