In this episode, Omkhar talks to Christoph Kern, Principal Software Engineer in Google’s Information Security Engineering organization. Christoph helps to keep Google’s products secure and users safe. His main focus is on developing scalable, principled approaches to software security.

• 00:42 - Christoph offers a rundown of his duties at Google
• 01:38 - Google’s general approach to security
• 03:02 - What Christoph describes as “stubborn vulnerabilities” and how to stop them
• 06:42 - An overview of Google’s security ecosystem
• 10:00 - Why memory safety is so important
• 12:23 - Solving memory safety problems via languages
• 16:23 - Omkhar’s rapid-fire questions
• 18:28 - Why Christoph thinks this may be a great time for young professionals to enter the cybersecurity industry

Episode links:

• Blog: Tackling Cybersecurity Vulnerabilities Through Secure by Design
• Report: Secure by Design: Google’s Perspective on Memory Safety
• White House Press Release: Future Software Should be Memory Safe
• Blog: OpenSSF Supports White House’s Efforts to Build More Secure and Measurable Software
• Research: Developer Ecosystems for Software Safety: Continuous Assurance at Scale