TL;DR: On this software security and regulation-focused episode of the podcast, the OG of AppSec (Jeff Williams) joins James & I to talk about the latest spate of regulations that require self-attested transparency about what companies are doing with respect to securing their software via supply chain and direct action. Jeff contends this is a good thing and it's hard to argue that transparency drives good - however - I'm always curious what this does to those who struggle to afford to do better, which is what the vast majority of vendors to FedGov are. Interesting discussion, join us! YouTube Video: https://youtube.com/live/iavtEVADp4g Guest Jeff WilliamsLinkedIn: https://www.linkedin.com/in/planetlevel/Connect with DtSR on LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/ Follow along on Twitter: https://twitter.com/dtsr_podcast