DevSec For Scale Podcast – Open Source Security w/ Liran Tal, Snyk
In this episode of the “DevSec for Scale” podcast, host Jeremy Hess welcomes Liran Tal, the Director of Developer Advocacy at Snyk. Liran and Jeremy dive into the topic of open source security, emphasizing the increasing threat from attackers who exploit open source ecosystems like PyPI, RubyGems, and npm. Liran explains how easy it is for malicious actors to introduce harmful code into these ecosystems, taking advantage of the widespread use of open source libraries.
Liran discusses the advantages of using open source security tools over closed source enterprise solutions, highlighting the shift towards tools designed for developers. He notes that developers prefer tools that they can easily adopt and experiment with, often without needing a formal sales cycle. The open source and free nature of many security tools makes them accessible and widely adopted, since developers can quickly integrate them into their existing workflows.
Delving into his background, Liran shares his journey from being a developer and community member to his current role at Snyk. He recounts his early involvement in the Node.js community, where he authored a book on Node security and actively participated in the Node.js Foundation. His passion for secure coding practices and supply chain security has been a driving force throughout his career, leading him to advocate for better security awareness among developers.
Liran offers valuable insights into the importance of understanding and managing software supply chain security. He stresses the need for developers to be aware of the dependencies they use and the potential vulnerabilities these can introduce. Liran also shares some personal anecdotes, including past security mistakes, emphasizing the importance of continuous learning and awareness in maintaining secure coding practices. Finally, he advises developers to prioritize security measures that integrate seamlessly into their workflows, using tools that enhance their existing development processes without adding unnecessary complexity.