The Kubelist Podcast - Ep. #48, Unpacking Software Supply Chain Security with Justin Cappos

On episode 48 of The Kubelist Podcast, Marc Campbell and Benjie De Groot sit down with Justin Cappos, professor at NYU and a pioneer in software supply chain security. They explore the origins of modern package manager security, the real-world limits of SBOMs, and why systems should be designed assuming compromise. The conversation spans CNCF governance, in-toto, TUF, Git security, and the emerging role of AI in securing software.