In this episode of the HackerNoon Podcast, Amy Tom sits down with Ilkka Turunen to talk about Supply Chain Security. They go over the Log4J incident that made a lot of apps built-in Java vulnerable to exploitation, what it means to be a field CTO, how companies can place themselves to collect user feedback, and a lot more!

Ilkka Turunen is the Field CTO of https://www.sonatype.com/ (Sonatype).

On this episode of the HackerNoon Podcast, Amy Tom and Ilkka Turunen chat about:

• What is a field CTO anyways? 🤔 (01:20 )


• How do you stay in the loop on customer needs and feedback? ➿ (05:19 )


• How has Ikka’s job as a field CTO changed since the pandemic started? 😷 (07:30 )


• Supply chain attacks have increased since the pandemic started. How have Sonatype’s customers and the business changed over this period? 🧰 (08:53 )


• Breaking down how the executive order by Biden’s administration regarding supply chains is affecting the software industry ⚙️ (10:06 )


• What is the best way to mitigate supply chain risk? ⚠️ (11:49 )


• Getting into vendor due diligence as mitigation of supply chain risk 🚩(17:22 )


• Learnings from the Log4J incident 📝 (22:44 )


• Why are 40% of Log4J downloads still the old vulnerable versions? ☢️ (25:47 )

Log4J vulnerability resource center:

• https://www.sonatype.com/resources/log4j-vulnerability-resource-center

Find Ilkka Turunen online:

• https://twitter.com/llkkaT

Learn more about HackerNoon:

• To read HackerNoon stories, check out hackernoon.com


• To apply for a position, check out https://careers.hackernoon.com/


• To participate in HackerNoon writing contests, check out https://hackernoon.com/u/hackernooncontests