What's in the SOSS? An OpenSSF Podcast

The Gemara Project: GRC Engineering Model for Automated Risk Assessment

March 10, 2026·17 min
Episode Description from the Publisher

Hannah Braswell and Jenn Power, security engineers from Red Hat and contributors to the OpenSSF, join host Sally Cooper to discuss the Gemara project. Gemara, an acronym for GRC Engineering Model for Automated Risk Assessment, is a seven-layer logical model that aims to solve the problem of incompatibility in the GRC (Governance, Risk, and Compliance) stack. By outlining a separation of concerns, the project seeks to enable engineers to build secure and compliant systems without needing to be...

Podzilla Summary coming soon

Sign up to get notified when the full AI-powered summary is ready.

Get Free Summaries →

Free forever for up to 3 podcasts. No credit card required.

Listen to This Episode

Apple Podcasts

More from What's in the SOSS? An OpenSSF Podcast

Packaging, Transferring, and Deploying Software in Air-Gapped Environments with Zarf

May 5, 2026·19 min

Big Thoughts, Open Sources Inaugural Episode: Beyond the Hype: Brian Fox on Securing the Agentic Future of Open Source

April 7, 2026·29 min

From Noise to Signal: Security Expertise and Kusari Inspector with Mike Lieberman

March 24, 2026·25 min

Empowering New Maintainers: Inside the OpenSSF Mentorship Program

March 17, 2026·22 min
View all episodes →

Get summaries like this every morning.

Free AI-powered recaps of What's in the SOSS? An OpenSSF Podcast and your other favorite podcasts, delivered to your inbox.

Get Free Summaries →

Free forever for up to 3 podcasts. No credit card required.