show episodes
 
A show about getting your best ideas into the world and seeing what happens. We talk about code, ops, infrastructure, and the people that make it happen. Gerhard Lazu and friends explore all things DevOps, infra, and running apps in production. Whether you’re cloud native, Kubernetes curious, a pro SRE, or just operating a VPS… you’ll love coming along for the ride. Ship It honors the makers, the shippers, and the visionaries that see it through. Some people search for ShipIt or ShipItFM and ...
 
T
The DevSecOps Talks Podcast

1
The DevSecOps Talks Podcast

Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin

Unsubscribe
Unsubscribe
Monthly
 
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show n ...
 
The Application Security Podcast is brought to you by Security Journey. Chris Romeo and Robert Hurlbut dive into the stories from appsec experts. Each episode begins with how the guests’ got their start in cybersecurity and then dig into the tips, tricks, projects, and tactics that made them successful. They cover all things application security, topics ranging from threat modeling and OWASP projects to DevOps+security and security culture. They approach these stories in an educational light ...
 
K
Kubernetes Bytes

1
Kubernetes Bytes

Ryan Wallner & Bhavin Shah

Unsubscribe
Unsubscribe
Monthly+
 
Kubernetes Bytes is a podcast bringing you the latest from the world of cloud native data management. Hosts Ryan Wallner and Bhavin Shah come to you from Boston, Massachusetts with experienced backgrounds in cloud-native tech. They'll be sharing their thoughts on recent cloud native news and talking to industry experts about their experiences and challenges managing the wealth of data in today's cloud-native ecosystem.
 
Join Scott Hanselman every Friday as he engages one-on-one with the engineers who build the services that power Microsoft Azure as they demo capabilities, answer Scott's questions, and share their insights. Follow us at: friday.azure.com.
 
The show where we invite wonderful human beings to have a lightning-fast conversation about Devs, Ops and other Mythical Creatures. The show where each episode only lasts 15 minutes and we are focused on asking only 3 questions. So it’s short and sweet? Why? Well, because if there’s one thing we know it’s that great delivery comes in small batches.
 
The Security Collective is the podcast for leaders tasked with, and interested in, securing technology, people, processes and data for the protection of all. Join best-selling author Claire Pales, together with industry thought leaders who answer your questions about security leadership, trends, technologies, and more. 'The Security Collective' podcast - formerly 'The Secure CIO'
 
The Defense Entrepreneurs Forum (DEF) inspires, connects and empowers people in order to promote an innovative culture in the U.S. national security. The Minimum Viable Podcast (MVP) is our way of sharing about people, events, and activities going on across the virtuous insurgency. You should also follow us on social media and subscribe to our monthly newsletter to stay in the loop! You can learn more about the DEF community and get involved at def.org/join.
 
Welcome to the Cyber Security & Cloud Podcast #CSCP where we will explore the dark secret of cloud and cyber. The podcast focuses on people and their stories and explores the human element that brings so many people together Some episode will be for the well-seasoned cybersecurity veteran but most are about stories of infosec people and how they reach where they are now. The focus and various stream of the podcast is Cybersecurity, Cloud Security, Application Security Social Engineering, and ...
 
Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application ...
 
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Seri ...
 
O
On DoD

1
On DoD

Federal News Network | Hubbard Radio

Unsubscribe
Unsubscribe
Monthly
 
Federal News Network Defense Reporter Jared Serbu speaks one-on-one and in depth with the people responsible for managing the inner workings of the federal government's largest department, and those who know it best.
 
DevOps.com for the best chats on DevOps, Cyber, Cloud Native & Digital Transformation. DevOps Chats is brought you by MediaOps https://mediaops.io, the people behind DevOps.com, Security Boulevard, Container Journal, Digital Anarchist and more. Featuring CEO, editor in chief, Alan Shimel, talking with leading lights of the industry
 
P
Post Mortem

1
Post Mortem

François Paupier

Unsubscribe
Unsubscribe
Monthly
 
In Post Mortem, engineers reflect on real-life incidents of IT systems they experienced. In each episode, we zoom on a specific event, ranging from a system outage, a cyber-attack, or a machine learning algorithm going wild with production data. We try to understand what happened and how the people behind those systems solved the situation. Along the way, you'll get hands-on advice shared by experienced practitioners that you can implement within your team to limit the risk of such incidents.
 
Cloud Ace is your go-to podcast for in-depth expert discussions on all topics that touch cloud security. Information security professionals can tune in for fresh perspectives on building and managing secure cloud infrastructure, platforms, and applications. The insight shared by our experts on this podcast transcends cloud, making it valuable for professionals across all fields of cyber security. Brought to you by SANS Institute, Cloud Ace podcast delivers actionable insight through intervie ...
 
Curious about DevOps? In this podcast series we dive deep into the DevOps culture and chat with friends from small startups and large enterprises about what DevOps looks like in their organizations. Join us weekly to hear about the problems they are solving, how their teams work together, and the tools they are using to get the job done. Subscribe to the show to get into a DevOps State of Mind. This podcast is brought to you by LogDNA, the log management tool for teams that embrace DevOps.
 
Cybersecurity. InfoSec. DevSecOps. AppSec. Should companies be talking about these subjects only when they become too large? NO! Should cybersecurity be a priority for every company, no matter the size? YES! According to a study by BullGuard study in 2020, 43% of SMB owners have no cybersecurity defense plan in place at all – leaving their most sensitive financial, customer and business data, and ultimately their companies, at significant risk. Many startup and SMB companies will admit that ...
 
Whether you want to be or not, you are now part of the security economy. Your personal and professional data has value; do you know who has it? Your data may even have a life of its own on the dark web; what does that mean? You are one of four billion people who use the internet globally. Every time you do so, you risk your personal and professional data being stolen. The internet was never built for privacy and security; those are add-ons. The world wide web wasn't used for commercial purpo ...
 
Loading …
show series
 
Understanding and articulating cybersecurity risk is hard. With the adoption of DevSecOps tools and techniques and the increased coupling between the product being built and the tools used to build them, the attack surface of the product continues to grow by incorporating segments of the development environment. Thus, many enterprises are concerned…
 
Anshuman Bhartiya has been in application security for 14 years and is currently the Principal Security Engineer at Thirty Madison. Today with Francesco, they discuss bug bounty, how security approaches differ at big companies and startups, and the state of the industry. The episode is brought to you by Phoenix Security; get in control of your vuln…
 
Bret is joined by Matt Williams of Infra to show off their open source project Infra, which provides easy, centralized RBAC and auth to Kubernetes and more. Infra is a new company taking on simplifying centralized infrastructure, user authentication and permissions. Their open source tool by the same name is quite easy to start with. In this episod…
 
In our ops & infra world, we learn to optimise for redundancy, for mean time to recovery and for graceful degradation. We instinctively recognise single points of failure, and try to mitigate the risks associated with them. For some years now, Daniel Vassallo has been doing the same, but in the context of life & work. Daniel talks about the role of…
 
How is clean architecture evolving? Carl and Richard talk to Steve Smith about his efforts to build applications using clean architecture principles. The conversation starts with a comment from a listener about idealism around architecture - and a reminder that while there isn't one right way to do anything, using existing work, like clean architec…
 
Today we are recapping some of the great episodes from season 11 'In Case You Missed' them! We have put together a snippet of the best parts from each guest for you, and if you like what you hear, click below to listen to the full episode, or head to wherever you enjoy our podcast, and check out the full back catalogue. Links: Marc Bown Stephen Ken…
 
Phil Morris – On Leveraging Organizational Psychology to Reimagine Healthcare Cybersecurity In this episode of Agent of Influence, Nabil is joined by Phil Morris, the Director of Enterprise Security Risk Governance Team at Altera Digital Health. Phil shares how he leverages his background in organizational psychology to reimagine healthcare cyberse…
 
A $10M ransom demand to Riot Games, a DoS in BIND and why there's no version 10, an unexpected refactor at Twilio, insights in Rust from the git security audit, SQL Slammer 20 years later, the SQLMap tool Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw227…
 
In this episode, I speak with Caleb Queern, one of the authors of "Investments Unlimited" a book I highly recommend you get and read. While the book is fiction, there's a great deal of truth in the story about how automation can work for more than just DevSecOps. Compliance and audit also deserve a seat at the table. Learn how you can get more code…
 
DEF's executive director Trish Martinelli talks with Nicholas Marchand, the lead for the 757 Agora. Nick hosted one of many DEF events on November 10, 2022, now unofficially known as National DEF Day. Trish and Nick discussed the 757 Agora, its unique position in the national security ecosystem, and the value local Agoras add to DEF's mission to in…
 
In this episode, Ryan and Bhavin talk to Christoph Hartmann - the CTO and co-founder of Mondoo about all things Kubernetes Security. The discussion starts by talking about Kubernetes Security Posture Management (KSPM) and then dives into Software Bill Of Materials (SBOM) and SBOM Attestation. They also talk about the open-source project "cnspec" an…
 
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Scott Hissam, a researcher within the SEI’s Software Solutions Division who works on software assurance in Department of Defense (DoD) systems, talks with Linda Parker Gates, initiative lead for the SEI’s Software Acquisition Pathways, about the use of free an…
 
Last September, at the 🇨🇭 Swiss Cloud Native Day, Florian Forster, co-founder & CEO of ZITADEL, talked about why they switched to serverless containers. ZITADEL has a really interesting workload that is both CPU intensive and latency sensitive. On top of this, their users are global, and traffic is bursty. Florian talks about how they evaluated AWS…
 
How do you create a sustainable open-source ecosystem? Carl and Richard talk to Sarah Novotny about how the open-source community continues to evolve. Sarah talks about how the vast majority of software utilizes open-source code and should be contributing to those projects. Those contributions can be financial or development resources, whatever mak…
 
Davide Mauri joins Scott Hanselman to discuss a recently announced feature of Azure SQL DB that makes integration with REST APIs incredibly easy. A new system function enables Azure SQL DB to call any HTTP REST API securely: call an Azure Function, send a message to Event Hub, execute a DAX query in Power BI, enrich data with Cognitive Services, et…
 
Breach disclosures from T-Mobile and PayPal, SSRF in Azure services, Google Threat Horizons report, integer overflows and more, Rust in Chromium, ML for web scanning, Top 10 web hacking techniques of 2022 Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw226…
 
In the first episode of season 3, Ryan and Bhavin talk to Michael Guarino - the CTO of plural.sh about how plural helps users deploy applications on Kubernetes easily. They discuss the challenges associated with deploying applications consistently across different Kubernetes distributions, and talk about how Plural provides a unified solution that …
 
As we look forward into a new year 2023, we wanted to recap some of the most important developments we saw, and conversations we had during 2022. This episode features a look back at the key events and moments from the past twelve months before we share some of the expectations and predictions we have for the year ahead. Simon and Guypo sit down to…
 
Hila Fish is a Senior DevOps Engineer at Wix, a singer, and DevOpsDaysTLV co-organizer. She's also an acclaimed international speaker on the topics of both DevOps culture and technology. Listen to the episode to learn: - What's more important - pople, business or computers? - Why you should think twice before updating a Jira server. - Why DevOps wi…
 
We're pulling one out of the archives to start off 2023!This time we talk discovery sprints! We're joined by Jenn Noinaj (https://www.linkedin.com/in/actuallyjenn/)} and Kathryn Jurick(https://www.linkedin.com/in/kathrynjurick/), authors of the United States Digital Service guide to discovery sprints. We'll chat about what these are, how they're ru…
 
Alex Sidorenko is an experienced risk manager, the host of Risk Awareness Week, and runs a popular blog and Youtube channel called “Risk Academy.” In 2021, Alex was named the Risk Manager of the Year by FERMA for helping save 13 million dollars in insurance premiums. Today, he breaks down the three layers of risk management— basic, standardized, an…
 
Lars is big on Elixir. Think apps that scale really well, tend to be monolithic, and have one of the most mature deployment models: self-contained releases & built-in hot code reloading. In episode 7, Gerhard talked to Lars about “Why Kubernetes”. There is a follow-up YouTube stream that showed how to automate deploys for an Elixir app using K3s & …
 
Bret is joined by Anaïs Urlichs of Aqua Security to talk container and Kubernetes security tools like trivy, kube-bench, tracee, and kube-hunter. I've been using trivy for over four years to scan for known vulnerabilities in my own container images and my clients. We also look at tracee, a new tool that is part of a new generation of tools that use…
 
What is fusion development, and why do you want some? Carl and Richard talk to Vishwas Lele about his work with teams using the Microsoft Power Platform, including Power Apps and Power Automate. Vishwas talks about getting domain experts more involved in the development process - not just as advisors to the process but as co-creators. The role of p…
 
It’s our last episode for the season, and we are joined by a very good friend of Claire’s and of the podcast, Samm MacLeod. Samm and Claire discuss what's been happening since we caught up with her 12 months ago in season eight, when Samm generously shared her CISO journey through burnout and recent sabbatical. She's now back CISO-ing, and this tim…
 
DEF's executive director Trish Martinelli talks with Alex Gorsuch, the Chicago Agora lead, about his recent DEFx event, the Chicago entrepreneurial ecosystem, and his company Ascent. Trish and Alex also discuss future plans for the Chicago Agora and for DEF overall, and why individuals interested in the national security innovation space should get…
 
It's crucial to test recent changes before rolling them out to production, especially for mission-critical workloads. You want to be sure that the system is resilient after the latest code update. Combined with load testing, you can be confident that the system will maintain the expected performance. Heyko Oelrichs and Martin Šimiček join Scott Han…
 
Mainframe and midrange systems have been at the core of many organizations for their mission-critical workloads. Cristina Potra joins Scott Hanselman to talk about how these systems can be migrated to Azure with the migration frameworks, partners, and expertise. Learn about modernization complexities, strategies, and documentation to cater to every…
 
API Management has evolved! Carl and Richard talk to Tom Kerkhove about his new role working on Azure API Management. Tom talks about using Azure Arc to deploy the API Management service into your on-premises services. The conversation digs into more of the fundamentals around API management with rate limiting, authentication and authorization, bil…
 
Jamie Newman has a refreshing take on security and joins Claire as they chat about understanding the security posture in diverse organisations, they discuss about third party contracts, how much money you should be spending on compliance and what meaningful metrics might look like. Jamie is an experienced IT Leader with more than 20 years experienc…
 
Marcos Nils has been into platform engineering for the best part of the last decade. He helped architect & build developer platforms using VMs & OpenStack, containers with Docker, and even Kubernetes. He did this at startups with 10 people, as well as large, publicly traded companies with 1000+ software engineers. Today we talk with Marcos about th…
 
Today our focus shifts towards products for a change, and we welcome the CEO and Co-Founder of Project Discovery, Rishiraj Sharma, to talk about their story, as well as the genesis of the Nuclei project. With some wide-ranging experience in the worlds of engineering and product management, before he entered into the security space, Rishiraj has a u…
 
Prepare for PCI DSS 4.0 Changes with Raymond James’ Sr. Analyst of IT Security In this episode of Agent of Influence, Nabil is joined by Heather Hirschey, Senior Analyst of IT Security at Raymond James. They discuss the upcoming PCI DSS 4.0 changes, vulnerability management strategies and actionable advice, and resources for getting started in cybe…
 
Exposed secrets from CircleCI, web hackers target the auto industry, $100K bounty for making Google smart speakers listen, inspiration from Office Space, AWS making better defaults for S3, resources for learning Rust Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw225…
 
This segment will discuss options for protecting your APIs. First, why protect them? Second, what are the options and the tradeoffs. Segment Resources: - https://stackoverflow.blog/2022/04/11/the-complete-guide-to-protecting-your-apis-with-oauth2/ - https://fusionauth.io/learn/expert-advice/ - https://fusionauth.io/learn/expert-advice/oauth/modern-…
 
Robyn Lundin started working in tech after a coding boot camp as a developer for a small startup. She then discovered her passion for security, pivoted into pentesting for NCC Group, and now works as a Senior Product Security Engineer for Slack. Robyn joins us to discuss the role of penetration testing within the application security realm. Robyn p…
 
Lester Chng is a Veteran who transferred his war gaming military skills to the cooperate world. After being a Naval Combat Officer with the Singapore Navy for twelve years, he runs security exercise programs for a North American financial institution. Lester prepares high-level executives for worst-case scenario security crises. He explains that ex…
 
Bret is joined by two Chainguard co-founders, CEO Dan Lorenc and Head of Product, Kim Lewandowski, to break down the ins and outs of supply chain security and talk about Chainguard's approach to securing it. We dive into tools, including their new Wolfi Linux distro. We first talk about what that even is, because it's a buzzword right now, and not …
 
Loading …

Quick Reference Guide

Copyright 2023 | Sitemap | Privacy Policy | Terms of Service