Best Julien Bisconti Podcasts (2024)

1
#66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS 58:14

11d ago58:14

58:14

In this episode of DevSecOps Talks, co-hosts Andrey, Julien, and Mattias are joined by AWS Consultant Fernando Gonçalves to explore the complexities of AWS organization and account segmentation. Get insights into the debate over development, stage, and production accounts versus micro-segmentation. Don’t miss Julien's take on why he believes stagin…

1
#65 - Understanding Nats: An Explainer Of Its Features And Capabilities 37:18

1M ago37:18

37:18

Join Andrey, Julien, and Mattias in this episode of DevSecOps Talks as they discuss Nats.io, a messaging system popular among people building on top of Kubernetes. Julien explains how Nats is different from Kafka and shares his personal experience with the product. The hosts discuss the various use cases of Nats and explore its features and capabil…

1
DEVSECOPS Talks #64 - From Terraform To Opentofu: Story From The Trenches 39:40

2M ago39:40

39:40

In this episode of DevSecOps Talks, Andrey and Mattias are joined by Timur Bublik, Platform Engineering Lead at TIER Mobility. As always, it's practitioners for practitioners as they discuss the migration from Terraform to OpenTofu, TACOS tools, and how SpaceLift is used in Timur's organization. Listen in as they dive into their three favorite feat…

1
DEVSECOPS Talks #63 - Yet Another AI Episode 34:36

3M ago34:36

34:36

Julien has returned with some exciting AI news. A startup has made the bold claim that they are capable of building AI software engineer. Andrey shares details about another startup that generates infrastructure based on application source code. He also mentions his upcoming talk on the use of LLM-based tools. We also discuss how individuals can st…

1
DEVSECOPS Talks #62 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2023 33:22

3M ago33:22

33:22

In this episode of DevSecOps Talks, Andrey and Mattias discuss the latest announcements from re:Invent 2023 that are most relevant to DevSecOps practitioners. Which announcements are worth paying attention to? What are the implications for the DevSecOps community? Join us as we dive into the latest developments from AWS. Connect with us on LinkedIn…

1
DEVSECOPS Talks #61 - GitHub Actions And Evolution Of CI/CD Tools 46:21

4M ago46:21

46:21

Andrey has been exploring GitHub Actions and has some insights to share. How have CI/CD solutions transformed over time, and what innovations do GitHub Actions bring to the table? Julien drops a few tools that could be useful for GitHub Actions users. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to …

1
DEVSECOPS Talks #60 - ChatGPT Anniversary: Where Are We With AI In Our Everyday Work 41:37

5M ago41:37

41:37

Welcome to the first DevSecOps Talks episode of the new year! It's been a whole year since ChatGPT hit the scene – but how has AI adoption shaped our world since then? Join Julien, Mattias, and Andrey as they dive into the impact of AI on their workflows. How have their daily tech tools and practices evolved with AI integration? Plus, Julien gives …

1
DEVSECOPS Talks #59 - Migration Off The Cloud: To Leave or Not to Leave? 29:41

5M ago29:41

29:41

Is the grass greener outside the cloud? This episode dives into the trend of companies (notably Hey and Dropbox) migrating away from cloud services. Why are they leaving, and who would benefit from such a move? We also scrutinize the common belief that public clouds are overly expensive. Join us as we dissect various cloud cost optimization tools a…

1
DEVSECOPS Talks #58 - AWS CDK with Igor Soroka 40:03

6M ago40:03

40:03

You know our fondness for Terraform, but we are also open to exploring other tools. This episode is no different. We are joined by Igor Soroka, an expert in AWS serverless technology whose tool of choice is AWS CDK, but at the same time, he is no stranger to Terraform. We ask him practical questions about the tool and get answers based on his exper…

1
DEVSECOPS Talks #57 - Terraform Best Practices with Ben Goodman 36:38

7M ago36:38

36:38

In this episode, Mattias is joined by Ben Goodman, the founder of dragondrop.cloud, a platform that offers Terraform Best Practices as a Pull Request. They discuss the best workflows for Terraform, open-source tools that can be used in conjunction with Terraform, the most effective best practices, and common pitfalls to avoid when implementing infr…

1
DEVSECOPS Talks #56 - Backstage and Internal Development Platforms (IDP) 36:02

7M ago36:02

36:02

In this episode of DevSecOps Talks, join Andrey, Julien, and Mattias as they dive into the world of Backstage, the notable internal development platform. Mattias is keen to peel back the layers and understand what makes people think of Backstage as a must-have in modern DevOps toolchains. Andrey highlights the platform's core feature: a comprehensi…

1
DEVSECOPS Talks #55 - Unpacking System Initiative with Paul Stack 57:47

8M ago57:47

57:47

Our dialogue with Paul Stack resumes on DevSecOps Talks, almost two years after our initial podcast about his work on Pulumi (episode 25). As a warm-up, we talk about what prompted his move from Pulumi and his take on Open Terraform drama. The main topic of the episode is Paul's current focus, System Initiative; we probe into its purpose, the progr…

1
DEVSECOPS Talks #54 - HashiCorp’s BSL Move and OpenTF: What DevSecOps Practitioners Need to Know 33:36

9M ago33:36

33:36

In this episode of DevSecOps Talks, we dive deep into HashiCorp's recent shift to the Business Source License and its implications. Join Andrey, Julien, and Mattias as they unpack what this means for practitioners and explore the timeline of OpenTF initiative. Stay informed about what comes ahead with our latest discussion. Tune in! Connect with us…

1
DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun 49:22

11M ago49:22

49:22

We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework (https://pbom.dev). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain securi…

1
DEVSECOPS Talks #52 - Lingon a.k.a Juliens and Jacobs open source project 37:32

11M ago37:32

37:32

This time we got to talk about Lingon, an open-source project developed by Julian and Jacob who is a frequent podcast guest. Discover the motivations behind Lingon's creation and how it bridges the gap between Terraform and Kubernetes. Learn how Lingon simplifies infrastructure management, tackles frustrations with YAML and HCL, and offers greater …

1
DEVSECOPS Talks #51 - Provisioning bare-metal servers 48:56

12M ago48:56

48:56

Diving into the world of bare-metal servers, Mattias takes the helm solo for this episode. He's accompanied by special guests Michael Wagner and Ian Evans from Metify, the company that powers Mojo - a leading platform for bare-metal provisioning automation. While we often chat about the big cloud service providers, this time we're switching gears. …

1
DEVSECOPS Talks #50 - History of AWS networking and new ways to design your VPC setup 31:10

1y ago31:10

31:10

In this episode, we discuss the evolution of AWS networking capabilities from EC2-classic to VPC and advanced networking features. Andrey highlights that while many companies only use VPC and VPC peerings, there are lesser-known features that can significantly change how we approach networking setups on AWS. Connect with us on LinkedIn or Twitter (…

1
DEVSECOPS Talks #49 - Password managers, ways to share sensitive info, email aliases, ChatGPT and much more 52:39

1y ago52:39

52:39

This is a mixed bag of an episode, we chat about all sorts of digital tools and security practices that we use in our day-to-day lives. We start by talking about password managers, and why Julien still using LastPass after the recent LastPass data breach. Julien gives us the lowdown on his personal approach to handling passwords and two-factor auth…

1
DEVSECOPS Talks #48 - Building Data Platforms 46:08

1+ y ago46:08

46:08

Julien has extensive experience building data platforms for data engineering, so we got him talking and sharing. If infra for data engineering is your cup of tea, then this episode is for you. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or…

1
DEVSECOPS Talks #47 - Tracing explained 30:13

1+ y ago30:13

30:13

We discussed tracing before but never got around to explaining details such as fundamentals, terminology, etc. This time Julien goes into detail about what tracing is, what the benefits are, the basic terms you need to understand, and where to start. Great episode for those who are considering adding tracing capabilities to their systems. Connect w…

1
DEVSECOPS Talks #46 - Software supply chain attacks 50:10

1+ y ago50:10

50:10

We are happy to welcome back Jacob Lärfors, CEO and Senior Consultant from Verifa, to talk about software supply chain attacks. It feels important to raise this topic since those attacks start to be utilized more often by sophisticated adversaries. At the same time, software supply chain security is something that companies often overlook. We as pr…

1
DEVSECOPS Talks #45 - What is happening with Docker? 55:02

1+ y ago55:02

55:02

Have you heard any recent news from Docker? We haven't. That is why we decided to check up on Docker to see how it is doing and go through the tool's history and adoption. Clueless about the difference between Docker, Containerd, CRI-O? We got you covered. Also, we will highlight a couple of new handy capabilities added recently. Connect with us on…

1
DEVSECOPS Talks #44 - Kosli with Mike Long. From compliance to answering questions about the production environment 46:51

2y ago46:51

46:51

We are excited about the new breed of tools coming to the market. We often had to put together tools to find out what was in production and what broke it. Your monitoring tools go as far as only telling you that something isn't working as expected but not why it is so, and then you have to scramble to figure out what versions of services are in pro…

1
DEVSECOPS Talks #43 - Terraform 1.0 to 1.3.0. One year in review 37:51

2y ago37:51

37:51

We are discussing what has happened in Terraform world since the 1.0 release last year and if there are new features worth mentioning, trends in Terraform development, etc. As well as doing a recap of the road to 1.0 and how long it took us to get there. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy …

1
DEVSECOPS Talks #42 - Prometheus - a practitioner take 51:10

2y ago51:10

51:10

If you follow CloudNative hype wave, you might feel that Prometheus is the must-use monitoring tool for everything CloudNative. Plus, almost everything nowadays has a Prometheus exporter. Just get that helm chart installed, and here you go - metrics question sorted out. Want to monitor endpoints - here is BlackBox exporter for you. Want to get noti…

1
DEVSECOPS Talks #41 - Great communication FTW 40:07

2y ago40:07

40:07

Communication in co-located teams is quite often complicated. It is even more complex and, at the same time, important in distributed teams. Have you ever got an issue report that says this thing is failing? No logs, no explanation of context, no nothing. Pretty sure we've all been in such situations. How do you step up your communication game? Thi…

1
DEVSECOPS Talks #40 - Web3 and its implications for DevSecOps practitioners 43:33

2y ago43:33

43:33

web3 has gotten a lot of attention lately; thus, it is time for us to separate facts from the hype. In this episode, we are trying to understand its implications for us as DevSecOps practitioners. Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

1
DEVSECOPS Talks #39 - Setting up tools and environments 27:41

2+ y ago27:41

27:41

Andrey feels frustrated that he has to develop a way to configure environments for every customer. Think for yourself - you arrive at a new project or company. It is day one, and you need to get the right tools as well as the correct environment configuration. During this episode, we are trying to figure out how companies solve it. And is there a s…

1
DEVSECOPS Talks #38 - Platform teams with Henrik 1:02:15

2+ y ago1:02:15

1:02:15

Henrik Hoegh is back to talk about his experiences working in the platform team at his new job, but before that, we are getting through the following topics:- bash is the future of automation (not really, but some people think so)- building multi-cloud solutions using k8s and service mesh solutions- Shuttle - CLI for handling shared build and deplo…

1
DEVSECOPS Talks #37 - Surviving AWS outage (revised for 2021) 33:47

2+ y ago33:47

33:47

us-east-1 will never go down, and if it would, half of the internet would go down. It is what people used to say. So, us-east-1 went down big time. What does it mean for us as practitioners? What should we consider going forward? In this episode, we talk through the incident and disaster recovery strategies you can consider to keep your company up …

1
DEVSECOPS Talks #36 - Sturdy. Is it time for a new version control tool? 43:17

2+ y ago43:17

43:17

We have had Git around for more than 15 years, and during that time, it has become a standard de-facto to share code and track code changes. While Git is a superior version control system to most of what we have seen before, it has been 15 years since the first release. Should we be looking for new ways to approach version control systems? Is the t…

1
DEVSECOPS Talks #35 - Infrastructure as code (IAC) revisited 2021 38:49

2+ y ago38:49

38:49

Our first episode was about Infrastructure as code, and we feel that it is time to revisit the topic after almost two years. Another reason is the release of the second edition of Infrastructure as Code book by Keif Morris. Thus, in this episode, we revisit the definition of Infrastructure as code and try to summarize what has changed over the year…

1
DEVSECOPS Talks #34 - Google Next and HashiConf recap 36:23

2+ y ago36:23

36:23

Julien gives his impressions of Google Cloud Next 2021, and Andrey recaps HashiConf Global 2021 as well as gives his take with the twist on why do we might need HashiCorp Waypoint Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

1
DEVSECOPS Talks #33 - Do I need a service mesh? 28:21

2+ y ago28:21

28:21

Everyone seems to be talking about service mesh. Mattias, Julien, and Andrey are trying to separate hype and real value. Most importantly, they dig into when is the good time for the organization is to embrace service mesh and what are the prerequisites Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questi…

1
DEVSECOPS Talks #32 - Getting hired as an infrastructure automation person 25:36

3y ago25:36

25:36

As a follow-up to the [last episode about hiring an infrastructure automation person](https://devsecops.fm/episodes/31-hiring/) we decided to reverse the view and talk about how do you get hired as an infrastructure automation person. This episode is full of career advice for people who are just only from university as well as people who already ha…

1
DEVSECOPS Talks #31 - Hiring an infrastructure automation person 32:47

3y ago32:47

32:47

Have you ever conducted an interview to hire an infrastructure automation person? What would you ask? How do you check their skills? And what skills are essential? Tune in for our tips on hiring and finding the right person for your team! Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we wil…

1
DEVSECOPS Talks #30 - Logs, metrics and traces 32:03

3y ago32:03

32:03

Logs, metrics, and traces are the three pillars of observability. Where should you start? What are the common mistakes to avoid? And if you are to pick one - which one should you do? Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…

1
DEVSECOPS Talks #29 -Unikernels are here 47:35

3y ago47:35

47:35

This time we are talking unikernles! Ian Eyberg from NanoVMs joins us to discuss how far this technology is from prime time. And it turns out that you don't have to be a kernel developer to take advantage of unikernes. Today, there are tools available to package, distribute, and run them locally as well as in the public cloud. While talking to Ian,…

1
DEVSECOPS Talks #28 - Scaling Security 36:46

3y ago36:46

36:46

The real cloud lock-in is security! Every service/cloud provider has its own levels of granularity regarding resources. Cloud engineering is mainly about compute, storage, and networking and how to make them scale. Scaling security is often left out as it is hard to measure on so many levels. We think that it is a myth and that we can measure how m…

1
DEVSECOPS Talks #27 - AWS Bottlerocket - Open Source Contrainer OS from AWS. Explained 41:32

3y ago41:32

41:32

AWS released AWS Bottlerocket OS in March of 2020, and version 1.0.0 got released in August 2020. What is it? Should you be using it? What are the benefits? Is it ready for prime time? We answer all of those questions during this episode of DevSecOps Talks. Tune in! Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us abou…

1
DEVSECOPS Talks #26 - Git Branching Strategies. Do's and Don'ts 44:00

3y ago44:00

44:00

Johan Abildskov (@RandomSort, see episode 6) is back, and we are talking branching strategies! In particular, why you shouldn't be doing git-flow, and what are other options out there. This conversation takes us down memory lane to a more broad discussion about version control systems, mono-repositories, continuous integration, and delivery. We hop…

1
DEVSECOPS Talks #25 -All The Things You Wanted To Know About Pulumi. Explained 54:58

3+ y ago54:58

54:58

This time we are joined by Paul Stack (@stack72, Pulumi developer, former Terraform developer) and podcast friend Jacob Lärfors to talk about - what is Pulumi is? - understand the difference between Pulumi vs. Terraform (and if we should compare them at all) - What is hard about Pulumi? - What people ask the most? What are the common confusions? - …

1
DEVSECOPS Talks #24 - Ways To Protect Yourself From Data Breaches And Mitigate Consequences 36:01

3+ y ago36:01

36:01

Last week (week 6, 2021), seven data breaches were announced. In this episode, we discuss the possible scenarios for preventing attackers from getting a hold of your data, whether private or company data. And tips on how to mitigate the consequences of data leaks in cases when you have no control over data management (think of breach of 3rd party s…

1
DEVSECOPS Talks #23 - How Do We Run Kubernetes In The Cloud? 36:59

3+ y ago36:59

36:59

How do you run Kubernetes in the cloud? Still using Kops? Or is it time to jump to the managed offerings? We go through the list of things you might be missing out on if not yet using a managed solution. Also, in this episode - what do you always configure in the k8s cluster? CNI, Ingress, IAM, and even more! Visit https://devsecops.fm to see show …

1
DEVSECOPS Talks #22 - Who are Mattias, Julien and Andrey? 29:31

3+ y ago29:31

29:31

It's been almost a year since we started the podcast, but we never took time to explain who we are and what problems we solve for our customers/employers. So in this episode, you will find more details about us and, as usual, references to useful tools, talks, and techniques. Visit https://devsecops.fm to see show notes and https://gitter.im/devsec…

1
DEVSECOPS Talks #21 - Surviving AWS Outage 34:36

3+ y ago34:36

34:36

AWS had a severe incident at the end of November. Kinesis in us-east-1 went dark for quite some time, and a ripple effect caused degradation of other services like CloudWatch, ECS, and others. As a Cloud Engineering practitioner, how do you get yourself and your organization ready for a such turn of events? Visit https://devsecops.fm to see show no…

1
DEVSECOPS Talks #20-2020 - Monitoring Done Wrong or Dreaming For A Better Monitoring 31:02

3+ y ago31:02

31:02

Andrey wants monitoring to be more magical, or does he want a wrong thing? What are the sane defaults? And why do we have to set up boilerplate monitoring again and again? Mattias shares what he does for monitoring security events. Julien explains why using logs to debug in a microservices architecture is costly and inefficient. Visit https://devse…

1
DEVSECOPS Talks #19-2020 - Deleting Resources In The Cloud 31:02

3+ y ago31:02

31:02

How to decommission resources from your cloud environment to keep it clean? What to do when a resource is created without being in the infrastructure code? Andrey is going through a checklist he uses to delete resources and the utility serverless functions he wrote. ArgoCD is a project that does GitOps and automatically delete resources in Kubernet…

1
DEVSECOPS Talks #18-2020 - HashiConf Special 49:35

3+ y ago49:35

49:35

Initially, we planned this episode as a discussion about HashiCorp Nomad and invited Jacob Lärfors. He recently published a great article about his experience working with Nomad (see link in the show notes). However, because of a few postponements, and with HashiConf that happened just a week ago, we decided to extend the podcast’s scope to go over…

1
DEVSECOPS Talks #17-2020 - Best Practices for Building Docker Images 33:28

3+ y ago33:28

33:28

This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it! The topic of this episode is building docker images - automation, security, best practices. In this episode, we discuss: Saving money wi…

Podcasts Worth a Listen

Julien Bisconti Podcasts

Podcasts Worth a Listen

Quick Reference Guide