Relating to DevSecOps
Latest Episodes
Episode #071: Retro Vibes with Retrospectives
Ken and Mike discuss the importance of postmortems in incident response and security incidents. They explore the definition of postmortems, the value of reflection, the challenges of blame, and the significance of actionable outcomes. They also touch on t
Episode: #070: Putting da BOM in SBOM and SCA
Ken and Mike discuss supply chain security, including software composition analysis (SCA) and software bill of materials (SBOM). They highlight the importance of understanding the components that make up your software and the risks associated with using t
Episode #069: Your SaaS is Grass
In this episode Mike and Ken dive into the wild world of SaaS products in DevSecOps. From vendors to security tooling hygiene they cover an often overlooked ecosystem of cloud and software services that may be rotting in the sky of your workloads. Join up
Episode #068: Data Breaches and DevSecOps
With pep and full youtube energy Ken and Mike discuss the findings of the IBM "Cost of a Data Breach" report and its implications for DevSecOps. They highlight the importance of integrating security into every phase of the software development life cycle
Episode #067: Welcome to 2024! AppSec Resolutions and A Smhoocon Recap
Ken and Mike discuss their new year's resolutions related to application security. They also reflect on the impact of AI and its adoption in the industry. The hosts share their experiences attending conferences and highlight interesting talks on topics su
Episode #066: Exploration of the Shifting Definition of Shifting Left
We are joined by incredible guests Mikhail Chechik and Marcus Hallberg as they help us define DevSecOps and emphasize the importance of a security mindset throughout the development process. These two incredible folks explore common misconceptions about s
Episode #065: LASCON 2023 Recap - AI, a Misunderstood Menace or Magic Bullet
On this episode of R2DSO Mike and Ken dive into their takeaways and experiences from LASCON 2023 in Austin, TX where AI was both a problem child and praised bringer of salvation in security. Vendors and companies alike are embracing AI with wide eyes and
Episode #064: Don't Instigate, Mitigate!
In this episode Ken and Mike dive directly into the meat with solutioning and mitigation. All too often security professionals finding themselves falling into the trap of focusing on vulnerability counts, evangelizing findings, and playing the age old gam
Episode #063: Unscrambling CloudSecSoup with CSPM, Vuln Management, SIEMs, and Log Aggregators
In today's episode, we untangle the web of alphabet-soup technologies: CSPM, VM, SIEM, and Log Aggregators. We go beyond the buzzwords to give you a no-nonsense look at how these tools fit together, complement each other, or might even replace one another
Episode #062: Cyber Sentinels: Ken and Mike in the DevSecOps Labyrinth
Dive headfirst into AppSec and Terraform security with Ken and Mike in this electrifying podcast episode. They demystify complex security concepts, offer golden nuggets on Cybersecurity programs as a DevSecOps concept, and provide a rare glimpse into the