Relating to DevSecOps
![Cover art of Relating to DevSecOps Relating to DevSecOps](https://assets.blubrry.com/coverart/300/1336611-1713447236.jpg)
Latest Episodes
Episode #030: Blueprints, Reference Architectures, and Plans - Building Apps Securely
In this episode we chat blueprints, security patterns, reference architectures, and plans. Basically what we've seen in terms of the left hand side of the SDLC in establishing requirements early. This topic came about after reading the recent AWS Sec
Episode #029: Does anyone REALLY do DevSecOps, and succeed?
In this somewhat makeshift, low-power episode recorded during the NYC power grid strain we do our best at getting inventive with recording techniques. Topic of the day is does DevSecOps really work? We discuss some of our failures, frustrations, and succe
Episode #028: Non-technical management and Email as your IDE
Episode number 28 moves us back to a more people focused topic as we dive into technical vs non-technical management, leadership, management styles, how we've approached managers and management in our careers, and general hot takes on leadership and
Episode #027: Hot Takes on Blogs: Part I - Are QA, BA, and DBAs Dead?
In this react video of a podcast we have a look at a recent blog post on whether the QA, DBA, and BA jobs are going away in favor of more consolidated roles in development such as the full stack engineer and cloud services like abstracted databases. Simon
Episode #026: Starting right by shifting left - what to do at build time
After such a fun conversation last week, we bring Mike back in to discuss applying security at build time and what we can do with infrastructure as code through linting and early analysis. We break down the difference between Linting, Policy as Code, and
Episode #025: Warm blankets around your cloud with CSPM and Michael McCabe
Episode 25 is all about CSPM and our good friend Michael McCabe. Mike has a ton of experience securing application and cloud workloads and we break down how CSPM fits into the larger landscape of DevSecOps. Whether you look at it as the first step, last s
Episode #024: The first line of defense for MicroServices - AUTH
And that means authentication and authorization. Once you start splitting up the monolithic apps and iterating faster and faster, how does your mindset on security change? Simon and I have our own opinions, but we're starting with authentication and
Episode #023: A call back to Microservices - do we even get it yet?
Ken and Simon talk engineering and security ramifications of microservices, why organizations choose to split up their treasured applications and cut them into bite size pieces for ease of use and maintenance. As with most technological advances - the bes
Relating to DevSecOps #001: What is DevSecOps?!
What is DevSecOps!? a battle of definitions between Security and DevOps