# Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367

- Page: https://stenobird.com/podcast/application-security-weekly-audio-436682/building-proactive-defenses-that-reflect-the-true-nature-of-modern-software-risk-paul-davis-asw-367
- Text version: https://stenobird.com/podcast/application-security-weekly-audio-436682/building-proactive-defenses-that-reflect-the-true-nature-of-modern-software-risk-paul-davis-asw-367.md
- Podcast: [Application Security Weekly (Audio)](https://stenobird.com/podcast/application-security-weekly-audio-436682)
- Published: 2026-01-27T10:00:00+00:00
- Episode link: https://aswaudio.libsyn.com/building-proactive-defenses-that-reflect-the-true-nature-of-modern-software-risk-paul-davis-asw-367
- Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_367_1--eeea1102-7f1e-4482-87e7-23aa1ff8836a--audio-converted--a3ab696d-4d20-49a9-95ec-d154114e9688.mp3?dest-id=626765
- Processing state: not_requested
- JSON: https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/building-proactive-defenses-that-reflect-the-true-nature-of-modern-software-risk-paul-davis-asw-367
- Duration seconds: 4395

## Resource

Supply chain security remains one of the biggest time sinks for appsec teams and developers, even making it onto the latest iteration of the OWASP Top 10 list. Paul Davis joins us to talk about strategies to proactively defend your environment from the different types of attacks that target supply chains and package dependencies. We also discuss how to gain some of the time back by being smarter about how to manage packages and even where the responsibility for managing the security of packages should be.

Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-367