DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun

The DevSecOps Talks Podcast

Player FM - Internet Radio Done Right

16 subscribers

הוסף לפני four שנים

תוכן מסופק על ידי Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin, Mattias Hemmingsson, Julien Bisconti, and Andrey Devyatkin. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin, Mattias Hemmingsson, Julien Bisconti, and Andrey Devyatkin או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

All About Change

1
Tiffany Yu — Smashing Stereotypes and Building a Disability-Inclusive World 30:23

לפני 22 ימים30:23

הפעל מאוחר יותר

רשימות

לייק

אהבתי

30:23

Tiffany Yu is the CEO & Founder of Diversability, an award-winning social enterprise to elevate disability pride; the Founder of the Awesome Foundation Disability Chapter, a monthly micro-grant that has awarded $92.5k to 93 disability projects in 11 countries; and the author of The Anti-Ableist Manifesto: Smashing Stereotypes, Forging Change, and Building a Disability-Inclusive World. As a person with visible and invisible disabilities stemming from a car crash, Tiffany has built a career on disability solidarity. Now that she has found success, she works to expand a network of people with disabilities and their allies to decrease stigmas around disability and create opportunities for disabled people in America. Episode Chapters 0:00 Intro 1:26 When do we choose to share our disability stories? 4:12 Jay’s disability story 8:35 Visible and invisible disabilities 13:10 What does an ally to the disability community look like? 16:34 NoBodyIsDisposable and 14(c) 21:26 How does Tiffany’s investment banking background shape her advocacy? 27:47 Goodbye and outro For video episodes, watch on www.youtube.com/@therudermanfamilyfoundation Stay in touch: X: @JayRuderman | @RudermanFdn LinkedIn: Jay Ruderman | Ruderman Family Foundation Instagram: All About Change Podcast | Ruderman Family Foundation To learn more about the podcast, visit https://allaboutchangepodcast.com/…

לפני שנתיים 49:22

MP3•בית הפרקים

We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework (https://pbom.dev). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain security. If you are looking to understand the Open Source Software Supply Chain, then this episode is perfect for you.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

81 פרקים

#Tech #Andrey Devyatkin #Julien Bisconti #Mattias Hemmingsson

DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun

The DevSecOps Talks Podcast

16 subscribers

published לפני שנתיים

שתפו

MP3•בית הפרקים

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

81 פרקים

#Tech #Andrey Devyatkin #Julien Bisconti #Mattias Hemmingsson

Alle episoder

1
#81 - Keeping Secrets Safe 33:35

לפני 14 ימים33:35

33:35

Still pasting tokens into Slack? What types of secrets are at risk, and which tools fit which consumer—humans, CI/CD, or workloads? Where do most teams stumble, and how do you fix it fast? Hear our no-nonsense checklist. Connect with us on LinkedIn or X (see info at https://devsecops.fm/about/) . We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. The video version of this episode is available on our YouTube channel LinkedIn page of the DevSecOps Talks team is here…

1
#80 - Understanding Passkeys: Benefits And Limitations 36:55

לפני 8 weeks36:55

36:55

Passkeys are gaining attention as a new way to log in without passwords. How do they work, and how do they compare to traditional multi-factor authentication (MFA)? In this episode, we explore the history of passwords, the strengths and weaknesses of common MFA methods, and the potential of passkeys to enhance security. What threats do passkeys mitigate, and what still remain? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#79 - Going Local: What’S Driving The Move? 20:31

לפני 12 weeks20:31

20:31

Andrey, Paulina, and Mattias kick off a miniseries on European infrastructure. We talk about infrastructure providers' options across Europe, ask what really drives the move away from hyperscalers, and wonder whether the trade-offs make sense for most teams. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#78 - Building AI Tools For IaC Compliance 41:12

לפני 14 weeks41:12

41:12

In this guest episode, we chat with Davlet Dzhakishev, co-founder of Cloudgeni, who’s working on an AI-powered approach to fixing compliance issues in IaC. What’s the state of tools in this space? Where does his idea fit in? And how should we think about the relationship between compliance and security? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#77 - Chaos Engineering Explained: Part 2 34:30

לפני 16 weeks34:30

34:30

Part two of our chaos engineering series is here! Join Andrey, Mattias, and Paulina as they talk through practical strategies for chaos engineering. Who should do it? How can you start? And what are the essential prerequisites? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#76 - Chaos Engineering Explained: Part 1 26:29

לפני 18 weeks26:29

26:29

Chaos engineering—is it really chaos, or something more structured? Andrey, Paulina, and Mattias talk about what chaos engineering means, how it started, and why you might already be using it unintentionally. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#75 - Learning from the Crisis: Post-Incident Actions 24:18

לפני 20 weeks24:18

24:18

This is the final episode of our three-part series on incident response. We focus on what happens after the dust settles. How do you learn from what went wrong and avoid repeating it? Tune in to hear our top recommendations. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#74 - From Preparation To Execution: Handling An Active Incident 27:50

לפני 22 weeks27:50

27:50

What keeps an incident from spiraling out of control? How can you organize your team on the spot? We continue our series on incident response, moving from preparation to real-time actions. Mattias shares key points from his course. Listen to learn how we handle incidents step by step. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#73 - Incident Response: Key Preparations You Need 38:23

לפני 25 weeks38:23

38:23

Incident response can be complex, but where do you start? Andrey, Mattias, and Paulina dive into the preparation steps you need to take. Mattias shares his expertise from teaching an incident response course. What’s their top recommendation? Listen and find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#72 - AWS Resource Control Policies (RCPs) 21:25

לפני 26 weeks21:25

21:25

We are looking into recently announced AWS Resource Control Policies. What are they? How are they different from Service Control Policies? What is a Data Perimeter? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#71 - Unpacking The Dora Accelerate State Of Devops Report 40:49

לפני 29 weeks40:49

40:49

In this episode, Andrey, Mattias, and Paulina break down the new DORA Accelerate State of DevOps report. What’s changed since the last report? What do these insights mean for your team? Tune in for our insightful conversation! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#70 - System Initiative Goes Ga 40:26

לפני 33 weeks40:26

40:26

Andrey, Mattias, and Paulina are joined by Paul Stack, an IaC tools developer and a frequent guest on the show. He’s back to discuss the general availability of System Initiative and share what has changed since his last visit when they talked about the early beta of the tool. Will this be a revolution or evolution in Infrastructure as Code tooling? Do we really need collaborative infrastructure management tools? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#69 - Who Is Paulina? 42:16

לפני 35 weeks42:16

42:16

Join Andrey and Mattias as they sit down with Paulina Dubas, an independent DevOps consultant and public speaker. Who is Paulina, and what experiences does she bring to the table? What topics particularly resonate with her? Tune in to learn more about Paulina since we have a feeling that she is here to stay Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#68 - Julien’s Last Episode? 27:16

לפני 39 weeks27:16

27:16

Julien shares big news with co-hosts Mattias and Andrey. What led to his decision to step down? And what does the future hold for him? Tune in for the off-boarding interview as we look back at the past four years and 60+ episodes we did together! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

1
#67 - Building MVP On AWS 29:53

לפני 41 weeks29:53

29:53

Join Andrey, Julien, and Mattias in this episode of DevSecOps Talks as they delve into building Minimum Viable Products (MVPs) and selecting the best solutions for them. Andrey goes first and, as an AWS consultant, kicks off the discussion by outlining his preferred AWS services for MVP development. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
#66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS 58:14

לפני 1 year58:14

58:14

In this episode of DevSecOps Talks, co-hosts Andrey, Julien, and Mattias are joined by AWS Consultant Fernando Gonçalves to explore the complexities of AWS organization and account segmentation. Get insights into the debate over development, stage, and production accounts versus micro-segmentation. Don’t miss Julien's take on why he believes staging is a waste of time and money, as well as Fernando’s explanation of what the AWS Landing Zone is. Learn about the tools provided by AWS for multi-account management and the pros and cons of various account segmentation approaches. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
#65 - Understanding Nats: An Explainer Of Its Features And Capabilities 37:18

לפני 1 year37:18

37:18

Join Andrey, Julien, and Mattias in this episode of DevSecOps Talks as they discuss Nats.io, a messaging system popular among people building on top of Kubernetes. Julien explains how Nats is different from Kafka and shares his personal experience with the product. The hosts discuss the various use cases of Nats and explore its features and capabilities. Tune in to find out if Nats is the right messaging system for you! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #64 - From Terraform To Opentofu: Story From The Trenches 39:40

לפני 1 year39:40

39:40

In this episode of DevSecOps Talks, Andrey and Mattias are joined by Timur Bublik, Platform Engineering Lead at TIER Mobility. As always, it's practitioners for practitioners as they discuss the migration from Terraform to OpenTofu, TACOS tools, and how SpaceLift is used in Timur's organization. Listen in as they dive into their three favorite features of SpaceLift and how TACOS tools like SpaceLift fit into the classic CI/CD pipeline. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #63 - Yet Another AI Episode 34:36

לפני 1 year34:36

34:36

Julien has returned with some exciting AI news. A startup has made the bold claim that they are capable of building AI software engineer. Andrey shares details about another startup that generates infrastructure based on application source code. He also mentions his upcoming talk on the use of LLM-based tools. We also discuss how individuals can stay ahead of the curve and be prepared for changes in their work life. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #62 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2023 33:22

לפני 1 year33:22

33:22

In this episode of DevSecOps Talks, Andrey and Mattias discuss the latest announcements from re:Invent 2023 that are most relevant to DevSecOps practitioners. Which announcements are worth paying attention to? What are the implications for the DevSecOps community? Join us as we dive into the latest developments from AWS. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #61 - GitHub Actions And Evolution Of CI/CD Tools 46:21

לפני 1 year46:21

46:21

Andrey has been exploring GitHub Actions and has some insights to share. How have CI/CD solutions transformed over time, and what innovations do GitHub Actions bring to the table? Julien drops a few tools that could be useful for GitHub Actions users. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #60 - ChatGPT Anniversary: Where Are We With AI In Our Everyday Work 41:37

לפני 1 year41:37

41:37

Welcome to the first DevSecOps Talks episode of the new year! It's been a whole year since ChatGPT hit the scene – but how has AI adoption shaped our world since then? Join Julien, Mattias, and Andrey as they dive into the impact of AI on their workflows. How have their daily tech tools and practices evolved with AI integration? Plus, Julien gives us an insider's look at running models locally. Are these AI tools enhancing our efficiency? Tune in to find out how these advancements are reshaping the landscape of DevSecOps. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #59 - Migration Off The Cloud: To Leave or Not to Leave? 29:41

לפני 1 year29:41

29:41

Is the grass greener outside the cloud? This episode dives into the trend of companies (notably Hey and Dropbox) migrating away from cloud services. Why are they leaving, and who would benefit from such a move? We also scrutinize the common belief that public clouds are overly expensive. Join us as we dissect various cloud cost optimization tools and techniques. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #58 - AWS CDK with Igor Soroka 40:03

לפני 2 years40:03

40:03

You know our fondness for Terraform, but we are also open to exploring other tools. This episode is no different. We are joined by Igor Soroka, an expert in AWS serverless technology whose tool of choice is AWS CDK, but at the same time, he is no stranger to Terraform. We ask him practical questions about the tool and get answers based on his experience applying it to real-life projects. If you have been curious about CDK, how it functions, and if it's appropriate for you, then tune in to learn more. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #57 - Terraform Best Practices with Ben Goodman 36:38

לפני 2 years36:38

36:38

In this episode, Mattias is joined by Ben Goodman, the founder of dragondrop.cloud, a platform that offers Terraform Best Practices as a Pull Request. They discuss the best workflows for Terraform, open-source tools that can be used in conjunction with Terraform, the most effective best practices, and common pitfalls to avoid when implementing infrastructure as code using Terraform. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #56 - Backstage and Internal Development Platforms (IDP) 36:02

לפני 2 years36:02

36:02

In this episode of DevSecOps Talks, join Andrey, Julien, and Mattias as they dive into the world of Backstage, the notable internal development platform. Mattias is keen to peel back the layers and understand what makes people think of Backstage as a must-have in modern DevOps toolchains. Andrey highlights the platform's core feature: a comprehensive registry that keeps track of every software service running within a company. Could this signify a revival of IT change management, but with a twist? We've moved on from the days of cumbersome ticketing systems to streamlined internal development platforms. The team also ponders the future role of infrastructure engineers as they navigate the rising tides of AI—will AI become the new face behind these developer portals? Tune in to find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #55 - Unpacking System Initiative with Paul Stack 57:47

לפני 2 years57:47

57:47

Our dialogue with Paul Stack resumes on DevSecOps Talks, almost two years after our initial podcast about his work on Pulumi (episode 25). As a warm-up, we talk about what prompted his move from Pulumi and his take on Open Terraform drama. The main topic of the episode is Paul's current focus, System Initiative; we probe into its purpose, the progress so far, and the promise it holds for redefining how we think of doing Infrastructure as Code and DevSecOps workflows in general. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #54 - HashiCorp’s BSL Move and OpenTF: What DevSecOps Practitioners Need to Know 33:36

לפני 2 years33:36

33:36

In this episode of DevSecOps Talks, we dive deep into HashiCorp's recent shift to the Business Source License and its implications. Join Andrey, Julien, and Mattias as they unpack what this means for practitioners and explore the timeline of OpenTF initiative. Stay informed about what comes ahead with our latest discussion. Tune in! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun 49:22

לפני 2 years49:22

49:22

We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework ( https://pbom.dev ). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain security. If you are looking to understand the Open Source Software Supply Chain, then this episode is perfect for you. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #52 - Lingon a.k.a Juliens and Jacobs open source project 37:32

לפני 2 years37:32

37:32

This time we got to talk about Lingon, an open-source project developed by Julian and Jacob who is a frequent podcast guest. Discover the motivations behind Lingon's creation and how it bridges the gap between Terraform and Kubernetes. Learn how Lingon simplifies infrastructure management, tackles frustrations with YAML and HCL, and offers greater control and automation. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #51 - Provisioning bare-metal servers 48:56

לפני 2 years48:56

48:56

Diving into the world of bare-metal servers, Mattias takes the helm solo for this episode. He's accompanied by special guests Michael Wagner and Ian Evans from Metify, the company that powers Mojo - a leading platform for bare-metal provisioning automation. While we often chat about the big cloud service providers, this time we're switching gears. If you've been curious about how real-world, physical servers are set up and managed, this episode is just for you. Join Mattias, Michael, and Ian as they dive into the nuts and bolts of setting up servers - a topic that Mattias is super passionate about. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #50 - History of AWS networking and new ways to design your VPC setup 31:10

לפני 2 years31:10

31:10

In this episode, we discuss the evolution of AWS networking capabilities from EC2-classic to VPC and advanced networking features. Andrey highlights that while many companies only use VPC and VPC peerings, there are lesser-known features that can significantly change how we approach networking setups on AWS. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #49 - Password managers, ways to share sensitive info, email aliases, ChatGPT and much more 52:39

לפני 2 years52:39

52:39

This is a mixed bag of an episode, we chat about all sorts of digital tools and security practices that we use in our day-to-day lives. We start by talking about password managers, and why Julien still using LastPass after the recent LastPass data breach. Julien gives us the lowdown on his personal approach to handling passwords and two-factor authentication (2FA) tokens, showing us why strong security measures matter. Julien also shares his favorite email alias service and we discuss services for sharing sensitive information to keep mail inboxes cleaner and more private. We also spoke about ChatGPT, an AI language model from OpenAI - will it replace jobs? should we be using it? And how? Just a heads up, we aren't sponsored by companies we mention in this episode. We're just sharing our personal experiences and the stuff we like to use. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #48 - Building Data Platforms 46:08

לפני 2 years46:08

46:08

Julien has extensive experience building data platforms for data engineering, so we got him talking and sharing. If infra for data engineering is your cup of tea, then this episode is for you. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #47 - Tracing explained 30:13

לפני 2 years30:13

30:13

We discussed tracing before but never got around to explaining details such as fundamentals, terminology, etc. This time Julien goes into detail about what tracing is, what the benefits are, the basic terms you need to understand, and where to start. Great episode for those who are considering adding tracing capabilities to their systems. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #46 - Software supply chain attacks 50:10

לפני 3 years50:10

50:10

We are happy to welcome back Jacob Lärfors, CEO and Senior Consultant from Verifa, to talk about software supply chain attacks. It feels important to raise this topic since those attacks start to be utilized more often by sophisticated adversaries. At the same time, software supply chain security is something that companies often overlook. We as practitioners have so many things to consider and do that, in most cases, we do not have enough cognitive capacity left when looking into our library sources. What are the things we need to be aware of, and what are the low-hanging fruits we could utilize to help developers do their job securely? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #45 - What is happening with Docker? 55:02

לפני 3 years55:02

55:02

Have you heard any recent news from Docker? We haven't. That is why we decided to check up on Docker to see how it is doing and go through the tool's history and adoption. Clueless about the difference between Docker, Containerd, CRI-O? We got you covered. Also, we will highlight a couple of new handy capabilities added recently. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #44 - Kosli with Mike Long. From compliance to answering questions about the production environment 46:51

לפני 3 years46:51

46:51

We are excited about the new breed of tools coming to the market. We often had to put together tools to find out what was in production and what broke it. Your monitoring tools go as far as only telling you that something isn't working as expected but not why it is so, and then you have to scramble to figure out what versions of services are in production, were there any recent deploys, etc. So you can understand what has changed to narrow down possible causes. Our good friend Mike and his team are building the tool to answer exactly such questions, so we thought you might be interested in hearing him out. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #43 - Terraform 1.0 to 1.3.0. One year in review 37:51

לפני 3 years37:51

37:51

We are discussing what has happened in Terraform world since the 1.0 release last year and if there are new features worth mentioning, trends in Terraform development, etc. As well as doing a recap of the road to 1.0 and how long it took us to get there. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/ ). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #42 - Prometheus - a practitioner take 51:10

לפני 3 years51:10

51:10

If you follow CloudNative hype wave, you might feel that Prometheus is the must-use monitoring tool for everything CloudNative. Plus, almost everything nowadays has a Prometheus exporter. Just get that helm chart installed, and here you go - metrics question sorted out. Want to monitor endpoints - here is BlackBox exporter for you. Want to get notifications - AlertManager got you covered. And so on and so on. But is it all rainbows and unicorns? You probably guessed that it depends. This time, Semyon is joining us to air his grievances with Prometheus and share insights on how to cook it if you decide to go down this route.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #41 - Great communication FTW 40:07

לפני 3 years40:07

40:07

Communication in co-located teams is quite often complicated. It is even more complex and, at the same time, important in distributed teams. Have you ever got an issue report that says this thing is failing? No logs, no explanation of context, no nothing. Pretty sure we've all been in such situations. How do you step up your communication game? This episode of DevSecOps Talks is about great communication tips for DevSecOps practitioners in distributed (and not only) teams. Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #40 - Web3 and its implications for DevSecOps practitioners 43:33

לפני 3 years43:33

43:33

web3 has gotten a lot of attention lately; thus, it is time for us to separate facts from the hype. In this episode, we are trying to understand its implications for us as DevSecOps practitioners. Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #39 - Setting up tools and environments 27:41

לפני 3 years27:41

27:41

Andrey feels frustrated that he has to develop a way to configure environments for every customer. Think for yourself - you arrive at a new project or company. It is day one, and you need to get the right tools as well as the correct environment configuration. During this episode, we are trying to figure out how companies solve it. And is there a standard solution? What are the options? Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #38 - Platform teams with Henrik 1:02:15

לפני 3 years1:02:15

1:02:15

Henrik Hoegh is back to talk about his experiences working in the platform team at his new job, but before that, we are getting through the following topics: - bash is the future of automation (not really, but some people think so) - building multi-cloud solutions using k8s and service mesh solutions - Shuttle - CLI for handling shared build and deploy tools between projects no matter what technologies the projects are using https://github.com/lunarway/shuttle - when is it the time to start looking into the building application delivery platform - platform team as an enabler or evil gatekeeper - team topology Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

The DevSecOps Talks Podcast

1
DEVSECOPS Talks #37 - Surviving AWS outage (revised for 2021) 33:47

לפני 4 years33:47

33:47

us-east-1 will never go down, and if it would, half of the internet would go down. It is what people used to say. So, us-east-1 went down big time. What does it mean for us as practitioners? What should we consider going forward? In this episode, we talk through the incident and disaster recovery strategies you can consider to keep your company up Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.

תקשיבו ל-500+ נושאים

16 subscribers

דומה לThe DevSecOps Talks Podcast

Amazon Fire HD 10 tablet (newest model) built for relaxation, 10.1" vibrant Full HD screen, octa-core processor, 3 GB RAM, 32 GB, Black

Elmer's Disappearing Purple School Glue Sticks Washable 7 Grams 30 Count

Liquid I.V.® Hydration Multiplier - Lemon Lime | Electrolyte Powder Drink Mix | 1 Pack (16 Servings)

פודקאסטים ששווה להאזין

The DevSecOps Talks Podcast « » DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun

DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun

פודקאסטים ששווה להאזין

ברוכים הבאים אל Player FM!

Blink Mini 2 (Newest Model) — Home Security & Pet Camera(s) with HD video, color night view, motion detection, two-way audio, and built-in spotlight — 1 camera (White)

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

The Secret Of Life: Partners, Volume 2

Premier Protein Shake, Café Latte, 30g Protein, 1g Sugar, 24 Vitamins & Minerals, Nutrients to Support Immune Health 11.5 fl oz, 12 Pack

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

דומה לThe DevSecOps Talks Podcast

מדריך עזר מהיר

The DevSecOps Talks Podcast « »
DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun