The DevSecOps Talks Podcast https://devsecops.fm This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show notes, and discussion of past and upcoming episodes visit devsecops.fm Wed, 11 Mar 2026 20:18:56 -0300 https://podbean.com/?v=5.5 en Copyright 2020 All rights reserved. Technology 1440 episodic This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do right technology bets, help their organizations to deliver value and last but not the least to have some fun. Tune in for talks about technology, ways of working and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show notes, and discussion of past and upcoming episodes visit devsecops.fm Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin No false https://pbcdn1.podbean.com/imglogo/image-logo/7619951/pod_cover.png The DevSecOps Talks Podcast https://devsecops.fm 144 144 #94 - Small Tasks, Big Wins: The AI Dev Loop at System Initiative #94 - Small Tasks, Big Wins: The AI Dev Loop at System Initiative https://devsecops.podbean.com/e/94-small-tasks-big-wins-the-ai-dev-loop-at-system-initiative/ https://devsecops.podbean.com/e/94-small-tasks-big-wins-the-ai-dev-loop-at-system-initiative/#comments Wed, 11 Mar 2026 20:18:56 -0300 devsecops.podbean.com/84c78a8d-46ee-509a-9ce0-4de00bb8e907  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3162 94 full #93 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2025 #93 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2025 https://devsecops.podbean.com/e/93-the-devsecops-perspective-key-takeaways-from-reinvent-2025/ https://devsecops.podbean.com/e/93-the-devsecops-perspective-key-takeaways-from-reinvent-2025/#comments Thu, 05 Mar 2026 19:25:08 -0400 devsecops.podbean.com/0ae9693a-2a34-5cf4-b6d6-564882c785a0  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1650 93 full #92 - From System Initiative to SWAMP: Agent-Native Infra with Paul Stack #92 - From System Initiative to SWAMP: Agent-Native Infra with Paul Stack https://devsecops.podbean.com/e/92-from-system-initiative-to-swamp-agent-native-infra-with-paul-stack/ https://devsecops.podbean.com/e/92-from-system-initiative-to-swamp-agent-native-infra-with-paul-stack/#comments Fri, 20 Feb 2026 17:06:17 -0400 devsecops.podbean.com/15bf51df-2263-5e6c-ab81-792100f55025  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2875 92 full #91 - January security roundup: CVSS 10 in n8n, self-hosted AI scares, and nonstop patching #91 - January security roundup: CVSS 10 in n8n, self-hosted AI scares, and nonstop patching https://devsecops.podbean.com/e/91-january-security-roundup-cvss-10-in-n8n-self-hosted-ai-scares-and-nonstop-patching/ https://devsecops.podbean.com/e/91-january-security-roundup-cvss-10-in-n8n-self-hosted-ai-scares-and-nonstop-patching/#comments Wed, 04 Feb 2026 18:51:46 -0400 devsecops.podbean.com/b94c4f22-10e7-5295-9939-395429fe3210  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2641 91 full #90 - K8s vs Managed Services: Cost, Lock-In, and Reality #90 - K8s vs Managed Services: Cost, Lock-In, and Reality https://devsecops.podbean.com/e/90-k8s-vs-managed-services-cost-lock-in-and-reality/ https://devsecops.podbean.com/e/90-k8s-vs-managed-services-cost-lock-in-and-reality/#comments Mon, 19 Jan 2026 11:40:00 -0400 devsecops.podbean.com/55cdd99e-f57e-5eb6-98d6-2d89274ef3ba  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3104 90 full #89 - Agents, Reviews, and Secrets: Real Talk on AI in Dev #89 - Agents, Reviews, and Secrets: Real Talk on AI in Dev https://devsecops.podbean.com/e/89-agents-reviews-and-secrets-real-talk-on-ai-in-dev/ https://devsecops.podbean.com/e/89-agents-reviews-and-secrets-real-talk-on-ai-in-dev/#comments Mon, 05 Jan 2026 11:25:00 -0400 devsecops.podbean.com/b550f032-c9ee-570a-9e13-2ca6e437a3aa  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2041 89 full #88 - EU Compliance 101: DSA, MiCA explained #88 - EU Compliance 101: DSA, MiCA explained https://devsecops.podbean.com/e/88-eu-compliance-101-dsa-mica-explained/ https://devsecops.podbean.com/e/88-eu-compliance-101-dsa-mica-explained/#comments Mon, 22 Dec 2025 11:15:00 -0400 devsecops.podbean.com/09c98e1b-9247-5e99-a614-ac8dab8b09a0  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1856 88 full #87 - EU Compliance 101: AI Act, DORA, NIS2 explained #87 - EU Compliance 101: AI Act, DORA, NIS2 explained https://devsecops.podbean.com/e/87-eu-compliance-101-ai-act-dora-nis2-explained/ https://devsecops.podbean.com/e/87-eu-compliance-101-ai-act-dora-nis2-explained/#comments Mon, 08 Dec 2025 09:31:26 -0400 devsecops.podbean.com/79bebac2-cd77-5142-8b49-a86fdfdadc6a  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2300 87 full #86 - MCP plugins: your next security blind spot? #86 - MCP plugins: your next security blind spot? https://devsecops.podbean.com/e/86-mcp-plugins-your-next-security-blind-spot/ https://devsecops.podbean.com/e/86-mcp-plugins-your-next-security-blind-spot/#comments Fri, 21 Nov 2025 12:25:23 -0400 devsecops.podbean.com/d694c130-cf36-5eaa-8ce8-984e73144949  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3894 86 full #85 - Is It Time for OpenTofu? Our HashiConf Takeaways #85 - Is It Time for OpenTofu? Our HashiConf Takeaways https://devsecops.podbean.com/e/85-is-it-time-for-opentofu-our-hashiconf-takeaways/ https://devsecops.podbean.com/e/85-is-it-time-for-opentofu-our-hashiconf-takeaways/#comments Thu, 23 Oct 2025 10:36:36 -0300 devsecops.podbean.com/2e0b2014-ba53-5731-a38f-9c664435e22e  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1846 85 full #84 - AI for DevSecOps: Current Wins and Ongoing Gaps #84 - AI for DevSecOps: Current Wins and Ongoing Gaps https://devsecops.podbean.com/e/84-ai-for-devsecops-current-wins-and-ongoing-gaps/ https://devsecops.podbean.com/e/84-ai-for-devsecops-current-wins-and-ongoing-gaps/#comments Tue, 30 Sep 2025 07:50:04 -0300 devsecops.podbean.com/96c9e32f-406a-5e36-b68c-86754bab4842  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2122 84 full #83 - Opentofu Vs Terraform: Where We Are Now With Cole Bittel #83 - Opentofu Vs Terraform: Where We Are Now With Cole Bittel https://devsecops.podbean.com/e/83-opentofu-vs-terraform-where-we-are-now-with-cole-bittel/ https://devsecops.podbean.com/e/83-opentofu-vs-terraform-where-we-are-now-with-cole-bittel/#comments Wed, 17 Sep 2025 10:23:58 -0300 devsecops.podbean.com/ea2918d9-6fa1-5032-9990-84a94bca2e90 It’s been a while since OpenTofu was released to the public, so we wanted to check in on where it stands today. How is the community adopting it? What’s the public sentiment? And how does it differ from Terraform in terms of features?

This time we’re joined by Cole Bittel, an experienced SRE, platform engineer, and contributor to OpenTofu. He shares his hands-on experience migrating to OpenTofu, and we look into the problems teams face with infrastructure as code and how both Terraform and OpenTofu approach solving them.

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> It’s been a while since OpenTofu was released to the public, so we wanted to check in on where it stands today. How is the community adopting it? What’s the public sentiment? And how does it differ from Terraform in terms of features?

This time we’re joined by Cole Bittel, an experienced SRE, platform engineer, and contributor to OpenTofu. He shares his hands-on experience migrating to OpenTofu, and we look into the problems teams face with infrastructure as code and how both Terraform and OpenTofu approach solving them.

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2325 83 full #82 - Tools, Mcps, And Attack Scenarios #82 - Tools, Mcps, And Attack Scenarios https://devsecops.podbean.com/e/82-tools-mcps-and-attack-scenarios/ https://devsecops.podbean.com/e/82-tools-mcps-and-attack-scenarios/#comments Mon, 25 Aug 2025 04:45:39 -0300 devsecops.podbean.com/8f4c5a38-714c-5187-997f-14b8757f4679  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]>  

We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

DevSecOps Talks podcast LinkedIn page

DevSecOps Talks podcast website

DevSecOps Talks podcast YouTube channel

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2217 82 full #81 - Keeping Secrets Safe #81 - Keeping Secrets Safe https://devsecops.podbean.com/e/81-keeping-secrets-safe/ https://devsecops.podbean.com/e/81-keeping-secrets-safe/#comments Mon, 30 Jun 2025 10:45:21 -0300 devsecops.podbean.com/d63aa0a3-89bf-5356-a275-237eeba9ab75 Still pasting tokens into Slack? What types of secrets are at risk, and which tools fit which consumer—humans, CI/CD, or workloads? Where do most teams stumble, and how do you fix it fast? Hear our no-nonsense checklist.

 

Connect with us on LinkedIn or X (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

The video version of this episode is available on our YouTube channel

LinkedIn page of the DevSecOps Talks team is here

]]> Still pasting tokens into Slack? What types of secrets are at risk, and which tools fit which consumer—humans, CI/CD, or workloads? Where do most teams stumble, and how do you fix it fast? Hear our no-nonsense checklist.

 

Connect with us on LinkedIn or X (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

The video version of this episode is available on our YouTube channel

LinkedIn page of the DevSecOps Talks team is here

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2015 81 full #80 - Understanding Passkeys: Benefits And Limitations #80 - Understanding Passkeys: Benefits And Limitations https://devsecops.podbean.com/e/80-understanding-passkeys-benefits-and-limitations/ https://devsecops.podbean.com/e/80-understanding-passkeys-benefits-and-limitations/#comments Wed, 21 May 2025 10:57:04 -0300 devsecops.podbean.com/7d5be75a-a742-5bf1-a594-e171cb2b32ab Passkeys are gaining attention as a new way to log in without passwords. How do they work, and how do they compare to traditional multi-factor authentication (MFA)? In this episode, we explore the history of passwords, the strengths and weaknesses of common MFA methods, and the potential of passkeys to enhance security. What threats do passkeys mitigate, and what still remain?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Passkeys are gaining attention as a new way to log in without passwords. How do they work, and how do they compare to traditional multi-factor authentication (MFA)? In this episode, we explore the history of passwords, the strengths and weaknesses of common MFA methods, and the potential of passkeys to enhance security. What threats do passkeys mitigate, and what still remain?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2215 80 full #79 - Going Local: What’S Driving The Move? #79 - Going Local: What’S Driving The Move? https://devsecops.podbean.com/e/79-going-local-what-s-driving-the-move/ https://devsecops.podbean.com/e/79-going-local-what-s-driving-the-move/#comments Wed, 23 Apr 2025 17:57:21 -0300 devsecops.podbean.com/403f02bd-a3d4-53ba-bfc6-ecf7f9d4fac4  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1231 79 full #78 - Building AI Tools For IaC Compliance #78 - Building AI Tools For IaC Compliance https://devsecops.podbean.com/e/78-building-ai-tools-for-iac-compliance/ https://devsecops.podbean.com/e/78-building-ai-tools-for-iac-compliance/#comments Wed, 09 Apr 2025 13:20:00 -0300 devsecops.podbean.com/7035adcb-82cc-5821-973b-5a2e78a3c6b8 In this guest episode, we chat with Davlet Dzhakishev, co-founder of Cloudgeni, who’s working on an AI-powered approach to fixing compliance issues in IaC. What’s the state of tools in this space? Where does his idea fit in? And how should we think about the relationship between compliance and security?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> In this guest episode, we chat with Davlet Dzhakishev, co-founder of Cloudgeni, who’s working on an AI-powered approach to fixing compliance issues in IaC. What’s the state of tools in this space? Where does his idea fit in? And how should we think about the relationship between compliance and security?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2472 78 full #77 - Chaos Engineering Explained: Part 2 #77 - Chaos Engineering Explained: Part 2 https://devsecops.podbean.com/e/77-chaos-engineering-explained-part-2/ https://devsecops.podbean.com/e/77-chaos-engineering-explained-part-2/#comments Wed, 26 Mar 2025 13:40:53 -0300 devsecops.podbean.com/c8ad6db5-eedb-5bc5-866a-aebd4099391a  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2070 77 full #76 - Chaos Engineering Explained: Part 1 #76 - Chaos Engineering Explained: Part 1 https://devsecops.podbean.com/e/76-chaos-engineering-explained-part-1/ https://devsecops.podbean.com/e/76-chaos-engineering-explained-part-1/#comments Tue, 11 Mar 2025 18:47:57 -0300 devsecops.podbean.com/b5ba0da0-ee87-50e1-8ab5-c2d244fd9a30  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1589 76 full #75 - Learning from the Crisis: Post-Incident Actions #75 - Learning from the Crisis: Post-Incident Actions https://devsecops.podbean.com/e/75-learning-from-the-crisis-post-incident-actions/ https://devsecops.podbean.com/e/75-learning-from-the-crisis-post-incident-actions/#comments Thu, 27 Feb 2025 17:12:51 -0400 devsecops.podbean.com/3268d696-1a13-593b-b154-4407f35d963a  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1458 75 full #74 - From Preparation To Execution: Handling An Active Incident #74 - From Preparation To Execution: Handling An Active Incident https://devsecops.podbean.com/e/74-from-preparation-to-execution-handling-an-active-incident/ https://devsecops.podbean.com/e/74-from-preparation-to-execution-handling-an-active-incident/#comments Mon, 10 Feb 2025 12:59:51 -0400 devsecops.podbean.com/dd83e1b8-a5de-5867-93a7-239dc0627472  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1670 74 full #73 - Incident Response: Key Preparations You Need #73 - Incident Response: Key Preparations You Need https://devsecops.podbean.com/e/73-incident-response-key-preparations-you-need/ https://devsecops.podbean.com/e/73-incident-response-key-preparations-you-need/#comments Wed, 22 Jan 2025 12:04:32 -0400 devsecops.podbean.com/7d271473-8b38-5258-9415-ca29dc6bd6fb  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2303 73 full #72 - AWS Resource Control Policies (RCPs) #72 - AWS Resource Control Policies (RCPs) https://devsecops.podbean.com/e/72-devsecops-perspective-on-aws-reinvent-2024-announcements/ https://devsecops.podbean.com/e/72-devsecops-perspective-on-aws-reinvent-2024-announcements/#comments Tue, 14 Jan 2025 07:40:42 -0400 devsecops.podbean.com/9ea3d7db-26be-5fc0-9e2c-c0d62e1ab42c We are looking into recently announced AWS Resource Control Policies. What are they? How are they different from Service Control Policies? What is a Data Perimeter? Tune in to find out!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> We are looking into recently announced AWS Resource Control Policies. What are they? How are they different from Service Control Policies? What is a Data Perimeter? Tune in to find out!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1285 72 full #71 - Unpacking The Dora Accelerate State Of Devops Report #71 - Unpacking The Dora Accelerate State Of Devops Report https://devsecops.podbean.com/e/71-unpacking-the-dora-accelerate-state-of-devops-report/ https://devsecops.podbean.com/e/71-unpacking-the-dora-accelerate-state-of-devops-report/#comments Fri, 20 Dec 2024 09:58:05 -0400 devsecops.podbean.com/566c8560-16db-5dea-a6d4-4cb665118e99  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2449 71 full #70 - System Initiative Goes Ga #70 - System Initiative Goes Ga https://devsecops.podbean.com/e/70-system-initiative-goes-ga/ https://devsecops.podbean.com/e/70-system-initiative-goes-ga/#comments Thu, 28 Nov 2024 17:35:26 -0400 devsecops.podbean.com/35d8cff2-24fe-5033-b743-bce33d25723e  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2426 70 full #69 - Who Is Paulina? #69 - Who Is Paulina? https://devsecops.podbean.com/e/69-who-is-paulina/ https://devsecops.podbean.com/e/69-who-is-paulina/#comments Fri, 08 Nov 2024 15:41:09 -0400 devsecops.podbean.com/8f81703d-e115-538e-9061-c701a66a48c5  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2536 69 full #68 - Julien’s Last Episode? #68 - Julien’s Last Episode? https://devsecops.podbean.com/e/68-julien-s-last-episode/ https://devsecops.podbean.com/e/68-julien-s-last-episode/#comments Thu, 17 Oct 2024 17:25:55 -0300 devsecops.podbean.com/8a962f52-0c15-5a50-8ebd-f799c8bdc2ab  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1636 68 full #67 - Building MVP On AWS #67 - Building MVP On AWS https://devsecops.podbean.com/e/67-building-mvp-on-aws/ https://devsecops.podbean.com/e/67-building-mvp-on-aws/#comments Thu, 03 Oct 2024 17:20:50 -0300 devsecops.podbean.com/285973b1-afa4-53be-b0c8-dd763012f7a9  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1793 67 full #66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS #66 - Multi-Account Strategy And Landing Zones: Account Segmentation Approaches For Security And Efficiency On AWS https://devsecops.podbean.com/e/66-multi-account-strategy-and-landing-zones-account-segmentation-approaches-for-security-and-efficiency-on-aws/ https://devsecops.podbean.com/e/66-multi-account-strategy-and-landing-zones-account-segmentation-approaches-for-security-and-efficiency-on-aws/#comments Mon, 27 May 2024 08:53:17 -0300 devsecops.podbean.com/2bb950d6-e110-5118-a10d-56897b414162  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3494 66 full #65 - Understanding Nats: An Explainer Of Its Features And Capabilities #65 - Understanding Nats: An Explainer Of Its Features And Capabilities https://devsecops.podbean.com/e/65-understanding-nats-an-explainer-of-its-features-and-capabilities/ https://devsecops.podbean.com/e/65-understanding-nats-an-explainer-of-its-features-and-capabilities/#comments Tue, 07 May 2024 17:04:29 -0300 devsecops.podbean.com/a0bd1ba2-a598-5e8f-8ebd-28603b7f78f9  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2238 65 full DEVSECOPS Talks #64 - From Terraform To Opentofu: Story From The Trenches DEVSECOPS Talks #64 - From Terraform To Opentofu: Story From The Trenches https://devsecops.podbean.com/e/devsecops-talks-64-from-terraform-to-opentofu-story-from-the-trenches/ https://devsecops.podbean.com/e/devsecops-talks-64-from-terraform-to-opentofu-story-from-the-trenches/#comments Thu, 11 Apr 2024 16:45:08 -0300 devsecops.podbean.com/8b5e88ad-6292-53ff-8bc8-857b80e2b8b9  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2380 64 full DEVSECOPS Talks #63 - Yet Another AI Episode DEVSECOPS Talks #63 - Yet Another AI Episode https://devsecops.podbean.com/e/devsecops-talks-63-yet-another-ai-episode/ https://devsecops.podbean.com/e/devsecops-talks-63-yet-another-ai-episode/#comments Thu, 14 Mar 2024 18:28:59 -0300 devsecops.podbean.com/11cb27b3-f361-5834-bff7-f37208e508eb  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2076 63 full DEVSECOPS Talks #62 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2023 DEVSECOPS Talks #62 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2023 https://devsecops.podbean.com/e/devsecops-talks-62-the-devsecops-perspective-key-takeaways-from-reinvent-2023/ https://devsecops.podbean.com/e/devsecops-talks-62-the-devsecops-perspective-key-takeaways-from-reinvent-2023/#comments Sat, 02 Mar 2024 18:00:41 -0400 devsecops.podbean.com/54187f2a-3df6-5b83-b705-1d436ddb12f2  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]>  

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2002 62 full DEVSECOPS Talks #61 - GitHub Actions And Evolution Of CI/CD Tools DEVSECOPS Talks #61 - GitHub Actions And Evolution Of CI/CD Tools https://devsecops.podbean.com/e/devsecops-talks-61-github-actions-and-evolution-of-cicd-tools/ https://devsecops.podbean.com/e/devsecops-talks-61-github-actions-and-evolution-of-cicd-tools/#comments Thu, 08 Feb 2024 17:44:54 -0400 devsecops.podbean.com/0143ae2e-de5c-3a1c-9871-98a3c9d7feb5 Andrey has been exploring GitHub Actions and has some insights to share. How have CI/CD solutions transformed over time, and what innovations do GitHub Actions bring to the table? Julien drops a few tools that could be useful for GitHub Actions users. 

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Andrey has been exploring GitHub Actions and has some insights to share. How have CI/CD solutions transformed over time, and what innovations do GitHub Actions bring to the table? Julien drops a few tools that could be useful for GitHub Actions users. 

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2781 61 full DEVSECOPS Talks #60 - ChatGPT Anniversary: Where Are We With AI In Our Everyday Work DEVSECOPS Talks #60 - ChatGPT Anniversary: Where Are We With AI In Our Everyday Work https://devsecops.podbean.com/e/devsecops-talks-60-chatgpt-anniversary-where-are-we-with-ai-in-our-every-day-work/ https://devsecops.podbean.com/e/devsecops-talks-60-chatgpt-anniversary-where-are-we-with-ai-in-our-every-day-work/#comments Thu, 25 Jan 2024 17:36:32 -0400 devsecops.podbean.com/b5e38fc0-851a-3389-b800-a0e13bbc0ddc Welcome to the first DevSecOps Talks episode of the new year! It's been a whole year since ChatGPT hit the scene – but how has AI adoption shaped our world since then? Join Julien, Mattias, and Andrey as they dive into the impact of AI on their workflows. How have their daily tech tools and practices evolved with AI integration? Plus, Julien gives us an insider's look at running models locally. Are these AI tools enhancing our efficiency? Tune in to find out how these advancements are reshaping the landscape of DevSecOps.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Welcome to the first DevSecOps Talks episode of the new year! It's been a whole year since ChatGPT hit the scene – but how has AI adoption shaped our world since then? Join Julien, Mattias, and Andrey as they dive into the impact of AI on their workflows. How have their daily tech tools and practices evolved with AI integration? Plus, Julien gives us an insider's look at running models locally. Are these AI tools enhancing our efficiency? Tune in to find out how these advancements are reshaping the landscape of DevSecOps.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2497 60 full DEVSECOPS Talks #59 - Migration Off The Cloud: To Leave or Not to Leave? DEVSECOPS Talks #59 - Migration Off The Cloud: To Leave or Not to Leave? https://devsecops.podbean.com/e/devsecops-talks-59-migration-off-the-cloud-to-leave-or-not-to-leave/ https://devsecops.podbean.com/e/devsecops-talks-59-migration-off-the-cloud-to-leave-or-not-to-leave/#comments Tue, 16 Jan 2024 05:02:33 -0400 devsecops.podbean.com/3924079a-c3c9-3881-8a24-2418be2fddd8 Is the grass greener outside the cloud? This episode dives into the trend of companies (notably Hey and Dropbox) migrating away from cloud services. Why are they leaving, and who would benefit from such a move? We also scrutinize the common belief that public clouds are overly expensive. Join us as we dissect various cloud cost optimization tools and techniques.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Is the grass greener outside the cloud? This episode dives into the trend of companies (notably Hey and Dropbox) migrating away from cloud services. Why are they leaving, and who would benefit from such a move? We also scrutinize the common belief that public clouds are overly expensive. Join us as we dissect various cloud cost optimization tools and techniques.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1781 59 full DEVSECOPS Talks #58 - AWS CDK with Igor Soroka DEVSECOPS Talks #58 - AWS CDK with Igor Soroka https://devsecops.podbean.com/e/devsecops-talks-58-aws-cdk-with-igor-soroka/ https://devsecops.podbean.com/e/devsecops-talks-58-aws-cdk-with-igor-soroka/#comments Thu, 28 Dec 2023 09:38:55 -0400 devsecops.podbean.com/86ac7527-d059-3fe1-81eb-1e407930f996 You know our fondness for Terraform, but we are also open to exploring other tools. This episode is no different. We are joined by Igor Soroka, an expert in AWS serverless technology whose tool of choice is AWS CDK, but at the same time, he is no stranger to Terraform. We ask him practical questions about the tool and get answers based on his experience applying it to real-life projects. If you have been curious about CDK, how it functions, and if it's appropriate for you, then tune in to learn more.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> You know our fondness for Terraform, but we are also open to exploring other tools. This episode is no different. We are joined by Igor Soroka, an expert in AWS serverless technology whose tool of choice is AWS CDK, but at the same time, he is no stranger to Terraform. We ask him practical questions about the tool and get answers based on his experience applying it to real-life projects. If you have been curious about CDK, how it functions, and if it's appropriate for you, then tune in to learn more.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2403 58 full DEVSECOPS Talks #57 - Terraform Best Practices with Ben Goodman DEVSECOPS Talks #57 - Terraform Best Practices with Ben Goodman https://devsecops.podbean.com/e/devsecops-talks-57-terraform-best-practices-with-ben-goodman/ https://devsecops.podbean.com/e/devsecops-talks-57-terraform-best-practices-with-ben-goodman/#comments Thu, 23 Nov 2023 07:44:29 -0400 devsecops.podbean.com/2fe896be-d74b-3a35-b92a-181f3cb2114f In this episode, Mattias is joined by Ben Goodman, the founder of dragondrop.cloud, a platform that offers Terraform Best Practices as a Pull Request. They discuss the best workflows for Terraform, open-source tools that can be used in conjunction with Terraform, the most effective best practices, and common pitfalls to avoid when implementing infrastructure as code using Terraform.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> In this episode, Mattias is joined by Ben Goodman, the founder of dragondrop.cloud, a platform that offers Terraform Best Practices as a Pull Request. They discuss the best workflows for Terraform, open-source tools that can be used in conjunction with Terraform, the most effective best practices, and common pitfalls to avoid when implementing infrastructure as code using Terraform.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2198 57 full DEVSECOPS Talks #56 - Backstage and Internal Development Platforms (IDP) DEVSECOPS Talks #56 - Backstage and Internal Development Platforms (IDP) https://devsecops.podbean.com/e/devsecops-talks-56-backstage-and-internal-development-platforms-idp/ https://devsecops.podbean.com/e/devsecops-talks-56-backstage-and-internal-development-platforms-idp/#comments Wed, 08 Nov 2023 07:44:20 -0400 devsecops.podbean.com/dc2830f2-b224-31e8-aa37-32936086dd80 In this episode of DevSecOps Talks, join Andrey, Julien, and Mattias as they dive into the world of Backstage, the notable internal development platform. Mattias is keen to peel back the layers and understand what makes people think of Backstage as a must-have in modern DevOps toolchains. Andrey highlights the platform's core feature: a comprehensive registry that keeps track of every software service running within a company. Could this signify a revival of IT change management, but with a twist? We've moved on from the days of cumbersome ticketing systems to streamlined internal development platforms. The team also ponders the future role of infrastructure engineers as they navigate the rising tides of AI—will AI become the new face behind these developer portals? Tune in to find out!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> In this episode of DevSecOps Talks, join Andrey, Julien, and Mattias as they dive into the world of Backstage, the notable internal development platform. Mattias is keen to peel back the layers and understand what makes people think of Backstage as a must-have in modern DevOps toolchains. Andrey highlights the platform's core feature: a comprehensive registry that keeps track of every software service running within a company. Could this signify a revival of IT change management, but with a twist? We've moved on from the days of cumbersome ticketing systems to streamlined internal development platforms. The team also ponders the future role of infrastructure engineers as they navigate the rising tides of AI—will AI become the new face behind these developer portals? Tune in to find out!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2162 56 full DEVSECOPS Talks #55 - Unpacking System Initiative with Paul Stack DEVSECOPS Talks #55 - Unpacking System Initiative with Paul Stack https://devsecops.podbean.com/e/devsecops-talks-55-unpacking-system-initiative-with-paul-stack/ https://devsecops.podbean.com/e/devsecops-talks-55-unpacking-system-initiative-with-paul-stack/#comments Tue, 17 Oct 2023 05:58:04 -0300 devsecops.podbean.com/a27da8b6-6ab8-3f69-b156-8bcb60e82788 Our dialogue with Paul Stack resumes on DevSecOps Talks, almost two years after our initial podcast about his work on Pulumi (episode 25). As a warm-up, we talk about what prompted his move from Pulumi and his take on Open Terraform drama. The main topic of the episode is Paul's current focus, System Initiative; we probe into its purpose, the progress so far, and the promise it holds for redefining how we think of doing Infrastructure as Code and DevSecOps workflows in general.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Our dialogue with Paul Stack resumes on DevSecOps Talks, almost two years after our initial podcast about his work on Pulumi (episode 25). As a warm-up, we talk about what prompted his move from Pulumi and his take on Open Terraform drama. The main topic of the episode is Paul's current focus, System Initiative; we probe into its purpose, the progress so far, and the promise it holds for redefining how we think of doing Infrastructure as Code and DevSecOps workflows in general.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3467 55 full DEVSECOPS Talks #54 - HashiCorp’s BSL Move and OpenTF: What DevSecOps Practitioners Need to Know DEVSECOPS Talks #54 - HashiCorp’s BSL Move and OpenTF: What DevSecOps Practitioners Need to Know https://devsecops.podbean.com/e/devsecops-talks-54-hashicorp-s-bsl-move-and-opentf-what-devsecops-practitioners-need-to-know/ https://devsecops.podbean.com/e/devsecops-talks-54-hashicorp-s-bsl-move-and-opentf-what-devsecops-practitioners-need-to-know/#comments Thu, 14 Sep 2023 09:18:55 -0300 devsecops.podbean.com/d26f6e37-25df-300a-882a-c35059807e1a In this episode of DevSecOps Talks, we dive deep into HashiCorp's recent shift to the Business Source License and its implications. Join Andrey, Julien, and Mattias as they unpack what this means for practitioners and explore the timeline of OpenTF initiative. Stay informed about what comes ahead with our latest discussion. Tune in!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> In this episode of DevSecOps Talks, we dive deep into HashiCorp's recent shift to the Business Source License and its implications. Join Andrey, Julien, and Mattias as they unpack what this means for practitioners and explore the timeline of OpenTF initiative. Stay informed about what comes ahead with our latest discussion. Tune in!

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2016 54 full DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun DEVSECOPS Talks #53 - Open Software Supply Chain Attack Reference Framework with Neatsun https://devsecops.podbean.com/e/devsecops-talks-53-open-software-supply-chain-attack-reference-framework-with-neatsun/ https://devsecops.podbean.com/e/devsecops-talks-53-open-software-supply-chain-attack-reference-framework-with-neatsun/#comments Tue, 01 Aug 2023 10:47:07 -0300 devsecops.podbean.com/26d39a06-cadb-3489-9162-c27d9119c346 We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework (https://pbom.dev). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain security. If you are looking to understand the Open Source Software Supply Chain, then this episode is perfect for you.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> We had the opportunity to talk with Neatsun Ziv, one of the founders of Ox Security, about the Open Source Software Supply Chain Attack Reference Framework (https://pbom.dev). We delved deeper into possible attack vectors and explored ways to mitigate some of them. During our discussions, we also had a couple of unusual takes on supply chain security. If you are looking to understand the Open Source Software Supply Chain, then this episode is perfect for you.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2962 53 full DEVSECOPS Talks #52 - Lingon a.k.a Juliens and Jacobs open source project DEVSECOPS Talks #52 - Lingon a.k.a Juliens and Jacobs open source project https://devsecops.podbean.com/e/devsecops-talks-52-lingon-aka-juliens-and-jacobs-open-source-project/ https://devsecops.podbean.com/e/devsecops-talks-52-lingon-aka-juliens-and-jacobs-open-source-project/#comments Thu, 13 Jul 2023 16:42:02 -0300 devsecops.podbean.com/1a169880-1673-37d3-b83c-61765a62bd09 This time we got to talk about Lingon, an open-source project developed by Julian and Jacob who is a frequent podcast guest. Discover the motivations behind Lingon's creation and how it bridges the gap between Terraform and Kubernetes. Learn how Lingon simplifies infrastructure management, tackles frustrations with YAML and HCL, and offers greater control and automation.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> This time we got to talk about Lingon, an open-source project developed by Julian and Jacob who is a frequent podcast guest. Discover the motivations behind Lingon's creation and how it bridges the gap between Terraform and Kubernetes. Learn how Lingon simplifies infrastructure management, tackles frustrations with YAML and HCL, and offers greater control and automation.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2252 52 full DEVSECOPS Talks #51 - Provisioning bare-metal servers DEVSECOPS Talks #51 - Provisioning bare-metal servers https://devsecops.podbean.com/e/devsecops-talks-51-provisioning-bare-metal-servers/ https://devsecops.podbean.com/e/devsecops-talks-51-provisioning-bare-metal-servers/#comments Fri, 30 Jun 2023 09:01:02 -0300 devsecops.podbean.com/b235f540-435c-36db-9a14-f9334dafe350 Diving into the world of bare-metal servers, Mattias takes the helm solo for this episode. He's accompanied by special guests Michael Wagner and Ian Evans from Metify, the company that powers Mojo - a leading platform for bare-metal provisioning automation.

While we often chat about the big cloud service providers, this time we're switching gears. If you've been curious about how real-world, physical servers are set up and managed, this episode is just for you. Join Mattias, Michael, and Ian as they dive into the nuts and bolts of setting up servers - a topic that Mattias is super passionate about.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Diving into the world of bare-metal servers, Mattias takes the helm solo for this episode. He's accompanied by special guests Michael Wagner and Ian Evans from Metify, the company that powers Mojo - a leading platform for bare-metal provisioning automation.

While we often chat about the big cloud service providers, this time we're switching gears. If you've been curious about how real-world, physical servers are set up and managed, this episode is just for you. Join Mattias, Michael, and Ian as they dive into the nuts and bolts of setting up servers - a topic that Mattias is super passionate about.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2936 51 full DEVSECOPS Talks #50 - History of AWS networking and new ways to design your VPC setup DEVSECOPS Talks #50 - History of AWS networking and new ways to design your VPC setup https://devsecops.podbean.com/e/devsecops-talks-50-history-of-aws-networking-and-new-ways-to-design-your-vpc-setup/ https://devsecops.podbean.com/e/devsecops-talks-50-history-of-aws-networking-and-new-ways-to-design-your-vpc-setup/#comments Thu, 18 May 2023 16:51:09 -0300 devsecops.podbean.com/d31389f4-e96a-3b79-84a9-e808c3c52316 In this episode, we discuss the evolution of AWS networking capabilities from EC2-classic to VPC and advanced networking features. Andrey highlights that while many companies only use VPC and VPC peerings, there are lesser-known features that can significantly change how we approach networking setups on AWS.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> In this episode, we discuss the evolution of AWS networking capabilities from EC2-classic to VPC and advanced networking features. Andrey highlights that while many companies only use VPC and VPC peerings, there are lesser-known features that can significantly change how we approach networking setups on AWS.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes or hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1870 50 full DEVSECOPS Talks #49 - Password managers, ways to share sensitive info, email aliases, ChatGPT and much more DEVSECOPS Talks #49 - Password managers, ways to share sensitive info, email aliases, ChatGPT and much more https://devsecops.podbean.com/e/devsecops-talks-49-tools/ https://devsecops.podbean.com/e/devsecops-talks-49-tools/#comments Wed, 12 Apr 2023 08:03:13 -0300 devsecops.podbean.com/fa2d716d-f1c3-34f7-ba60-60446987eca0 This is a mixed bag of an episode, we chat about all sorts of digital tools and security practices that we use in our day-to-day lives. We start by talking about password managers, and why Julien still using LastPass after the recent LastPass data breach. Julien gives us the lowdown on his personal approach to handling passwords and two-factor authentication (2FA) tokens, showing us why strong security measures matter.

Julien also shares his favorite email alias service and we discuss services for sharing sensitive information to keep mail inboxes cleaner and more private.

We also spoke about ChatGPT, an AI language model from OpenAI - will it replace jobs? should we be using it? And how?

Just a heads up, we aren't sponsored by companies we mention in this episode. We're just sharing our personal experiences and the stuff we like to use.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> This is a mixed bag of an episode, we chat about all sorts of digital tools and security practices that we use in our day-to-day lives. We start by talking about password managers, and why Julien still using LastPass after the recent LastPass data breach. Julien gives us the lowdown on his personal approach to handling passwords and two-factor authentication (2FA) tokens, showing us why strong security measures matter.

Julien also shares his favorite email alias service and we discuss services for sharing sensitive information to keep mail inboxes cleaner and more private.

We also spoke about ChatGPT, an AI language model from OpenAI - will it replace jobs? should we be using it? And how?

Just a heads up, we aren't sponsored by companies we mention in this episode. We're just sharing our personal experiences and the stuff we like to use.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3159 49 full DEVSECOPS Talks #48 - Building Data Platforms DEVSECOPS Talks #48 - Building Data Platforms https://devsecops.podbean.com/e/devsecops-talks-48-building-data-platforms/ https://devsecops.podbean.com/e/devsecops-talks-48-building-data-platforms/#comments Wed, 08 Mar 2023 12:52:35 -0400 devsecops.podbean.com/36c95727-2ecb-3622-bbeb-4eaaa550d219 Julien has extensive experience building data platforms for data engineering, so we got him talking and sharing. If infra for data engineering is your cup of tea, then this episode is for you.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Julien has extensive experience building data platforms for data engineering, so we got him talking and sharing. If infra for data engineering is your cup of tea, then this episode is for you.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2768 48 full DEVSECOPS Talks #47 - Tracing explained DEVSECOPS Talks #47 - Tracing explained https://devsecops.podbean.com/e/devsecops-talks-47-tracing-explained/ https://devsecops.podbean.com/e/devsecops-talks-47-tracing-explained/#comments Tue, 07 Feb 2023 07:43:47 -0400 devsecops.podbean.com/18e45d9f-5564-3f1d-b12f-be1feb2c879e We discussed tracing before but never got around to explaining details such as fundamentals, terminology, etc. This time Julien goes into detail about what tracing is, what the benefits are, the basic terms you need to understand, and where to start. Great episode for those who are considering adding tracing capabilities to their systems.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> We discussed tracing before but never got around to explaining details such as fundamentals, terminology, etc. This time Julien goes into detail about what tracing is, what the benefits are, the basic terms you need to understand, and where to start. Great episode for those who are considering adding tracing capabilities to their systems.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1813 47 full DEVSECOPS Talks #46 - Software supply chain attacks DEVSECOPS Talks #46 - Software supply chain attacks https://devsecops.podbean.com/e/devsecops-talks-46-software-supply-chain-attacks/ https://devsecops.podbean.com/e/devsecops-talks-46-software-supply-chain-attacks/#comments Thu, 01 Dec 2022 07:27:43 -0400 devsecops.podbean.com/759df7ed-1865-32d0-92de-3025afa46eca We are happy to welcome back Jacob Lärfors, CEO and Senior Consultant from Verifa, to talk about software supply chain attacks. It feels important to raise this topic since those attacks start to be utilized more often by sophisticated adversaries. At the same time, software supply chain security is something that companies often overlook. We as practitioners have so many things to consider and do that, in most cases, we do not have enough cognitive capacity left when looking into our library sources. What are the things we need to be aware of, and what are the low-hanging fruits we could utilize to help developers do their job securely?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> We are happy to welcome back Jacob Lärfors, CEO and Senior Consultant from Verifa, to talk about software supply chain attacks. It feels important to raise this topic since those attacks start to be utilized more often by sophisticated adversaries. At the same time, software supply chain security is something that companies often overlook. We as practitioners have so many things to consider and do that, in most cases, we do not have enough cognitive capacity left when looking into our library sources. What are the things we need to be aware of, and what are the low-hanging fruits we could utilize to help developers do their job securely?

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3010 46 full DEVSECOPS Talks #45 - What is happening with Docker? DEVSECOPS Talks #45 - What is happening with Docker? https://devsecops.podbean.com/e/devsecops-talks-45-what-is-happening-with-docker/ https://devsecops.podbean.com/e/devsecops-talks-45-what-is-happening-with-docker/#comments Wed, 02 Nov 2022 08:15:52 -0300 devsecops.podbean.com/2380004f-f8e7-3932-84bd-e439728d62e2 Have you heard any recent news from Docker? We haven't. That is why we decided to check up on Docker to see how it is doing and go through the tool's history and adoption. Clueless about the difference between Docker, Containerd, CRI-O? We got you covered. Also, we will highlight a couple of new handy capabilities added recently.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Have you heard any recent news from Docker? We haven't. That is why we decided to check up on Docker to see how it is doing and go through the tool's history and adoption. Clueless about the difference between Docker, Containerd, CRI-O? We got you covered. Also, we will highlight a couple of new handy capabilities added recently.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3302 45 full DEVSECOPS Talks #44 - Kosli with Mike Long. From compliance to answering questions about the production environment DEVSECOPS Talks #44 - Kosli with Mike Long. From compliance to answering questions about the production environment https://devsecops.podbean.com/e/devsecops-talks-44-kosli-with-mike-long-from-compliance-to-answering-questions-about-the-production-environment/ https://devsecops.podbean.com/e/devsecops-talks-44-kosli-with-mike-long-from-compliance-to-answering-questions-about-the-production-environment/#comments Thu, 01 Sep 2022 08:08:03 -0300 devsecops.podbean.com/abb7f437-2b97-3211-a4af-80ab72271165 We are excited about the new breed of tools coming to the market. We often had to put together tools to find out what was in production and what broke it. Your monitoring tools go as far as only telling you that something isn't working as expected but not why it is so, and then you have to scramble to figure out what versions of services are in production, were there any recent deploys, etc. So you can understand what has changed to narrow down possible causes. Our good friend Mike and his team are building the tool to answer exactly such questions, so we thought you might be interested in hearing him out.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> We are excited about the new breed of tools coming to the market. We often had to put together tools to find out what was in production and what broke it. Your monitoring tools go as far as only telling you that something isn't working as expected but not why it is so, and then you have to scramble to figure out what versions of services are in production, were there any recent deploys, etc. So you can understand what has changed to narrow down possible causes. Our good friend Mike and his team are building the tool to answer exactly such questions, so we thought you might be interested in hearing him out.

 

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2811 44 full DEVSECOPS Talks #43 - Terraform 1.0 to 1.3.0. One year in review DEVSECOPS Talks #43 - Terraform 1.0 to 1.3.0. One year in review https://devsecops.podbean.com/e/devsecops-talks-43-terraform-10-to-130-one-year-in-review/ https://devsecops.podbean.com/e/devsecops-talks-43-terraform-10-to-130-one-year-in-review/#comments Tue, 28 Jun 2022 09:06:02 -0300 devsecops.podbean.com/b1fdaf3a-9a81-3a0c-8ae7-5199ad9c198e We are discussing what has happened in Terraform world since the 1.0 release last year and if there are new features worth mentioning, trends in Terraform development, etc. As well as doing a recap of the road to 1.0 and how long it took us to get there.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> We are discussing what has happened in Terraform world since the 1.0 release last year and if there are new features worth mentioning, trends in Terraform development, etc. As well as doing a recap of the road to 1.0 and how long it took us to get there.

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer your questions, hear suggestions for new episodes or just hear from you, our listeners.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2271 43 full DEVSECOPS Talks #42 - Prometheus - a practitioner take DEVSECOPS Talks #42 - Prometheus - a practitioner take https://devsecops.podbean.com/e/devsecops-talks-42-prometheus-a-practitioner-take/ https://devsecops.podbean.com/e/devsecops-talks-42-prometheus-a-practitioner-take/#comments Thu, 19 May 2022 08:48:41 -0300 devsecops.podbean.com/ecabbc82-b66a-32f1-b1b7-9cde84d4bb7c If you follow CloudNative hype wave, you might feel that Prometheus is the must-use monitoring tool for everything CloudNative. Plus, almost everything nowadays has a Prometheus exporter. Just get that helm chart installed, and here you go - metrics question sorted out. Want to monitor endpoints - here is BlackBox exporter for you. Want to get notifications - AlertManager got you covered. And so on and so on. But is it all rainbows and unicorns? You probably guessed that it depends. This time, Semyon is joining us to air his grievances with Prometheus and share insights on how to cook it if you decide to go down this route.

]]> If you follow CloudNative hype wave, you might feel that Prometheus is the must-use monitoring tool for everything CloudNative. Plus, almost everything nowadays has a Prometheus exporter. Just get that helm chart installed, and here you go - metrics question sorted out. Want to monitor endpoints - here is BlackBox exporter for you. Want to get notifications - AlertManager got you covered. And so on and so on. But is it all rainbows and unicorns? You probably guessed that it depends. This time, Semyon is joining us to air his grievances with Prometheus and share insights on how to cook it if you decide to go down this route.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3070 42 full DEVSECOPS Talks #41 - Great communication FTW DEVSECOPS Talks #41 - Great communication FTW https://devsecops.podbean.com/e/devsecops-talks-41-great-communication-ftw/ https://devsecops.podbean.com/e/devsecops-talks-41-great-communication-ftw/#comments Tue, 26 Apr 2022 04:57:43 -0300 devsecops.podbean.com/c8c99010-0706-3e5b-af83-31b950eb92b9 Communication in co-located teams is quite often complicated. It is even more complex and, at the same time, important in distributed teams. Have you ever got an issue report that says this thing is failing? No logs, no explanation of context, no nothing. Pretty sure we've all been in such situations. How do you step up your communication game? This episode of DevSecOps Talks is about great communication tips for DevSecOps practitioners in distributed (and not only) teams.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Communication in co-located teams is quite often complicated. It is even more complex and, at the same time, important in distributed teams. Have you ever got an issue report that says this thing is failing? No logs, no explanation of context, no nothing. Pretty sure we've all been in such situations. How do you step up your communication game? This episode of DevSecOps Talks is about great communication tips for DevSecOps practitioners in distributed (and not only) teams.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2407 41 full DEVSECOPS Talks #40 - Web3 and its implications for DevSecOps practitioners DEVSECOPS Talks #40 - Web3 and its implications for DevSecOps practitioners https://devsecops.podbean.com/e/devsecops-talks-40-web3-and-its-implications-for-devsecops-practitioners/ https://devsecops.podbean.com/e/devsecops-talks-40-web3-and-its-implications-for-devsecops-practitioners/#comments Wed, 23 Mar 2022 09:47:57 -0300 devsecops.podbean.com/8968689a-6060-37af-a2b4-1a5c3c3baa10 web3 has gotten a lot of attention lately; thus, it is time for us to separate facts from the hype. In this episode, we are trying to understand its implications for us as DevSecOps practitioners.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> web3 has gotten a lot of attention lately; thus, it is time for us to separate facts from the hype.
In this episode, we are trying to understand its implications for us as DevSecOps practitioners.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2613 40 full DEVSECOPS Talks #39 - Setting up tools and environments DEVSECOPS Talks #39 - Setting up tools and environments https://devsecops.podbean.com/e/devsecops-talks-39-setting-up-tools-and-environments/ https://devsecops.podbean.com/e/devsecops-talks-39-setting-up-tools-and-environments/#comments Mon, 07 Feb 2022 14:23:00 -0400 devsecops.podbean.com/4d09536c-f360-3d65-acd8-e3a212c8f489 Andrey feels frustrated that he has to develop a way to configure environments for every customer. Think for yourself - you arrive at a new project or company. It is day one, and you need to get the right tools as well as the correct environment configuration. During this episode, we are trying to figure out how companies solve it. And is there a standard solution? What are the options?

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Andrey feels frustrated that he has to develop a way to configure environments for every customer. Think for yourself - you arrive at a new project or company. It is day one, and you need to get the right tools as well as the correct environment configuration. During this episode, we are trying to figure out how companies solve it. And is there a standard solution? What are the options?

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1661 39 full DEVSECOPS Talks #38 - Platform teams with Henrik DEVSECOPS Talks #38 - Platform teams with Henrik https://devsecops.podbean.com/e/devsecops-talks-38-platform-teams-with-henrik/ https://devsecops.podbean.com/e/devsecops-talks-38-platform-teams-with-henrik/#comments Mon, 24 Jan 2022 13:18:18 -0400 devsecops.podbean.com/c58164d2-a32a-39b2-93e1-e0c792e45e8f https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.]]> https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3735 38 full DEVSECOPS Talks #37 - Surviving AWS outage (revised for 2021) DEVSECOPS Talks #37 - Surviving AWS outage (revised for 2021) https://devsecops.podbean.com/e/devsecops-talks-37-surviving-aws-outage-revised-for-2021/ https://devsecops.podbean.com/e/devsecops-talks-37-surviving-aws-outage-revised-for-2021/#comments Fri, 07 Jan 2022 17:58:42 -0400 devsecops.podbean.com/c8accab9-0482-3155-a184-30f273309214 us-east-1 will never go down, and if it would, half of the internet would go down. It is what people used to say. So, us-east-1 went down big time. What does it mean for us as practitioners? What should we consider going forward? In this episode, we talk through the incident and disaster recovery strategies you can consider to keep your company up

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> us-east-1 will never go down, and if it would, half of the internet would go down. It is what people used to say. So, us-east-1 went down big time. What does it mean for us as practitioners? What should we consider going forward? In this episode, we talk through the incident and disaster recovery strategies you can consider to keep your company up

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2027 37 full DEVSECOPS Talks #36 - Sturdy. Is it time for a new version control tool? DEVSECOPS Talks #36 - Sturdy. Is it time for a new version control tool? https://devsecops.podbean.com/e/devsecops-talks-36-sturdy-is-it-time-for-a-new-version-control-tool/ https://devsecops.podbean.com/e/devsecops-talks-36-sturdy-is-it-time-for-a-new-version-control-tool/#comments Tue, 07 Dec 2021 04:46:17 -0400 devsecops.podbean.com/fd36bdb7-7fa2-3044-91bd-49c67e81c912 We have had Git around for more than 15 years, and during that time, it has become a standard de-facto to share code and track code changes. While Git is a superior version control system to most of what we have seen before, it has been 15 years since the first release. Should we be looking for new ways to approach version control systems? Is the time right for the next generation of tools in this area?

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> We have had Git around for more than 15 years, and during that time, it has become a standard de-facto to share code and track code changes. While Git is a superior version control system to most of what we have seen before, it has been 15 years since the first release. Should we be looking for new ways to approach version control systems? Is the time right for the next generation of tools in this area?

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2597 36 full DEVSECOPS Talks #35 - Infrastructure as code (IAC) revisited 2021 DEVSECOPS Talks #35 - Infrastructure as code (IAC) revisited 2021 https://devsecops.podbean.com/e/devsecops-talks-35-infrastructure-as-code-iac-revisited-2021/ https://devsecops.podbean.com/e/devsecops-talks-35-infrastructure-as-code-iac-revisited-2021/#comments Tue, 16 Nov 2021 06:31:34 -0400 devsecops.podbean.com/14f11fea-b94b-31d1-b5a3-2247855d47b7 Our first episode was about Infrastructure as code, and we feel that it is time to revisit the topic after almost two years. Another reason is the release of the second edition of Infrastructure as Code book by Keif Morris. Thus, in this episode, we revisit the definition of Infrastructure as code and try to summarize what has changed over the years. We hope you like it!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Our first episode was about Infrastructure as code, and we feel that it is time to revisit the topic after almost two years. Another reason is the release of the second edition of Infrastructure as Code book by Keif Morris. Thus, in this episode, we revisit the definition of Infrastructure as code and try to summarize what has changed over the years. We hope you like it!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2329 35 full DEVSECOPS Talks #34 - Google Next and HashiConf recap DEVSECOPS Talks #34 - Google Next and HashiConf recap https://devsecops.podbean.com/e/devsecops-talks-34-google-next-and-hashiconf-recap/ https://devsecops.podbean.com/e/devsecops-talks-34-google-next-and-hashiconf-recap/#comments Tue, 02 Nov 2021 10:17:20 -0300 devsecops.podbean.com/3cc49bcb-6764-3360-8dad-cd8bf44cd07a Julien gives his impressions of Google Cloud Next 2021, and Andrey recaps HashiConf Global 2021 as well as gives his take with the twist on why do we might need HashiCorp Waypoint

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Julien gives his impressions of Google Cloud Next 2021, and Andrey recaps HashiConf Global 2021 as well as gives his take with the twist on why do we might need HashiCorp Waypoint

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2183 34 full DEVSECOPS Talks #33 - Do I need a service mesh? DEVSECOPS Talks #33 - Do I need a service mesh? https://devsecops.podbean.com/e/devsecops-talks-33-do-i-need-a-service-mesh/ https://devsecops.podbean.com/e/devsecops-talks-33-do-i-need-a-service-mesh/#comments Thu, 30 Sep 2021 05:28:14 -0300 devsecops.podbean.com/1ef3aefe-b54e-39e0-8a0f-93648b521777 Everyone seems to be talking about service mesh. Mattias, Julien, and Andrey are trying to separate hype and real value. Most importantly, they dig into when is the good time for the organization is to embrace service mesh and what are the prerequisites

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Everyone seems to be talking about service mesh. Mattias, Julien, and Andrey are trying to separate hype and real value. Most importantly, they dig into when is the good time for the organization is to embrace service mesh and what are the prerequisites

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1701 33 full DEVSECOPS Talks #32 - Getting hired as an infrastructure automation person DEVSECOPS Talks #32 - Getting hired as an infrastructure automation person https://devsecops.podbean.com/e/devsecops-talks-32-getting-hired-as-an-infrastructure-automation-person/ https://devsecops.podbean.com/e/devsecops-talks-32-getting-hired-as-an-infrastructure-automation-person/#comments Mon, 13 Sep 2021 10:37:02 -0300 devsecops.podbean.com/839cab3d-3d87-32d7-855a-fa8d5f02792c As a follow-up to the [last episode about hiring an infrastructure automation person](https://devsecops.fm/episodes/31-hiring/) we decided to reverse the view and talk about how do you get hired as an infrastructure automation person. This episode is full of career advice for people who are just only from university as well as people who already have experience in the industry.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> As a follow-up to the [last episode about hiring an infrastructure automation person](https://devsecops.fm/episodes/31-hiring/) we decided to reverse the view and talk about how do you get hired as an infrastructure automation person. This episode is full of career advice for people who are just only from university as well as people who already have experience in the industry.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1536 32 full DEVSECOPS Talks #31 - Hiring an infrastructure automation person DEVSECOPS Talks #31 - Hiring an infrastructure automation person https://devsecops.podbean.com/e/devsecops-talks-31-hiring-an-infrastructure-automation-person/ https://devsecops.podbean.com/e/devsecops-talks-31-hiring-an-infrastructure-automation-person/#comments Tue, 24 Aug 2021 08:16:37 -0300 devsecops.podbean.com/9726394c-9bbc-394d-ac16-0c2b7a708a52  

Have you ever conducted an interview to hire an infrastructure automation person? What would you ask? How do you check their skills? And what skills are essential? Tune in for our tips on hiring and finding the right person for your team!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]>  

Have you ever conducted an interview to hire an infrastructure automation person? What would you ask? How do you check their skills? And what skills are essential? Tune in for our tips on hiring and finding the right person for your team!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1967 31 full DEVSECOPS Talks #30 - Logs, metrics and traces DEVSECOPS Talks #30 - Logs, metrics and traces https://devsecops.podbean.com/e/devsecops-talks-30-log-metrics-and-traces/ https://devsecops.podbean.com/e/devsecops-talks-30-log-metrics-and-traces/#comments Wed, 23 Jun 2021 08:41:06 -0300 devsecops.podbean.com/daaee644-5d75-3ea6-b2ca-422a30a7fca4 Logs, metrics, and traces are the three pillars of observability. Where should you start? What are the common mistakes to avoid? And if you are to pick one - which one should you do?

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Logs, metrics, and traces are the three pillars of observability. Where should you start? What are the common mistakes to avoid? And if you are to pick one - which one should you do?

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1923 30 full DEVSECOPS Talks #29 -Unikernels are here DEVSECOPS Talks #29 -Unikernels are here https://devsecops.podbean.com/e/devsecops-talks-29-unikernels-are-here/ https://devsecops.podbean.com/e/devsecops-talks-29-unikernels-are-here/#comments Wed, 19 May 2021 09:29:19 -0300 devsecops.podbean.com/35bcff54-0e70-3524-918d-2f781fca2cb5 This time we are talking unikernles! Ian Eyberg from NanoVMs joins us to discuss how far this technology is from prime time. And it turns out that you don't have to be a kernel developer to take advantage of unikernes. Today, there are tools available to package, distribute, and run them locally as well as in the public cloud. While talking to Ian, it felt that the state of the technology is very similar to Linux containers at the beginning of 2010x, just before Docker made Linux containers available for everyone.

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> This time we are talking unikernles! Ian Eyberg from NanoVMs joins us to discuss how far this technology is from prime time. And it turns out that you don't have to be a kernel developer to take advantage of unikernes. Today, there are tools available to package, distribute, and run them locally as well as in the public cloud. While talking to Ian, it felt that the state of the technology is very similar to Linux containers at the beginning of 2010x, just before Docker made Linux containers available for everyone.

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2855 29 full DEVSECOPS Talks #28 - Scaling Security DEVSECOPS Talks #28 - Scaling Security https://devsecops.podbean.com/e/devsecops-talks-28-scaling-security/ https://devsecops.podbean.com/e/devsecops-talks-28-scaling-security/#comments Tue, 04 May 2021 03:49:11 -0300 devsecops.podbean.com/112b9c51-47a6-3aec-a67a-744b2ecb2dcc The real cloud lock-in is security! Every service/cloud provider has its own levels of granularity regarding resources. Cloud engineering is mainly about compute, storage, and networking and how to make them scale. Scaling security is often left out as it is hard to measure on so many levels.

We think that it is a myth and that we can measure how many steps it takes to add, modify or remove access rights. It all starts with monitoring, knowing what is there in a cloud infrastructure is a very good first step. By making it easy to see and manage access rights, we make it easier for ourselves to keep resources secured.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> The real cloud lock-in is security! Every service/cloud provider has its own levels of granularity regarding resources. Cloud engineering is mainly about compute, storage, and networking and how to make them scale. Scaling security is often left out as it is hard to measure on so many levels.

We think that it is a myth and that we can measure how many steps it takes to add, modify or remove access rights. It all starts with monitoring, knowing what is there in a cloud infrastructure is a very good first step. By making it easy to see and manage access rights, we make it easier for ourselves to keep resources secured.

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2206 28 full DEVSECOPS Talks #27 - AWS Bottlerocket - Open Source Contrainer OS from AWS. Explained DEVSECOPS Talks #27 - AWS Bottlerocket - Open Source Contrainer OS from AWS. Explained https://devsecops.podbean.com/e/devsecops-talks-27-aws-bottlerocket-open-source-contrainer-os-from-aws-explained/ https://devsecops.podbean.com/e/devsecops-talks-27-aws-bottlerocket-open-source-contrainer-os-from-aws-explained/#comments Mon, 12 Apr 2021 04:23:28 -0300 devsecops.podbean.com/0d244102-14ba-36ae-b2a1-eae14893e3b0 AWS released AWS Bottlerocket OS in March of 2020, and version 1.0.0 got released in August 2020. What is it? Should you be using it? What are the benefits? Is it ready for prime time? We answer all of those questions during this episode of DevSecOps Talks. Tune in!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> AWS released AWS Bottlerocket OS in March of 2020, and version 1.0.0 got released in August 2020.
What is it? Should you be using it? What are the benefits?
Is it ready for prime time? We answer all of those questions during this episode of DevSecOps Talks. Tune in!

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2492 27 full DEVSECOPS Talks #26 - Git Branching Strategies. Do's and Don'ts DEVSECOPS Talks #26 - Git Branching Strategies. Do's and Don'ts https://devsecops.podbean.com/e/devsecops-talks-26-git-branching-strategies-dos-and-donts/ https://devsecops.podbean.com/e/devsecops-talks-26-git-branching-strategies-dos-and-donts/#comments Mon, 29 Mar 2021 08:07:43 -0300 devsecops.podbean.com/d8de2b54-8181-38cc-9a06-3580185da0fc Johan Abildskov (@RandomSort, see episode 6) is back, and we are talking branching strategies! In particular, why you shouldn't be doing git-flow, and what are other options out there. This conversation takes us down memory lane to a more broad discussion about version control systems, mono-repositories, continuous integration, and delivery. We hope you will like it!

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> Johan Abildskov (@RandomSort, see episode 6) is back, and we are talking branching strategies! In particular, why you shouldn't be doing git-flow, and what are other options out there. This conversation takes us down memory lane to a more broad discussion about version control systems, mono-repositories, continuous integration, and delivery. We hope you will like it!

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2640 26 full DEVSECOPS Talks #25 -All The Things You Wanted To Know About Pulumi. Explained DEVSECOPS Talks #25 -All The Things You Wanted To Know About Pulumi. Explained https://devsecops.podbean.com/e/devsecops-talks-25-all-the-things-you-wanted-to-know-about-pulumi-explained/ https://devsecops.podbean.com/e/devsecops-talks-25-all-the-things-you-wanted-to-know-about-pulumi-explained/#comments Fri, 12 Mar 2021 06:48:47 -0400 devsecops.podbean.com/e63f2dc7-2989-3e10-afd4-ede18d0e6172 This time we are joined by Paul Stack (@stack72, Pulumi developer, former Terraform developer) and podcast friend Jacob Lärfors to talk about

- what is Pulumi is?

- understand the difference between Pulumi vs. Terraform (and if we should compare them at all)

- What is hard about Pulumi?

- What people ask the most? What are the common confusions?

- Cross-language infra libraries? How is it even possible?!

- Is there a possibility of a supply chain attack via Pulumi library?

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> This time we are joined by Paul Stack (@stack72, Pulumi developer, former Terraform developer) and podcast friend Jacob Lärfors to talk about

- what is Pulumi is?

- understand the difference between Pulumi vs. Terraform (and if we should compare them at all)

- What is hard about Pulumi?

- What people ask the most? What are the common confusions?

- Cross-language infra libraries? How is it even possible?!

- Is there a possibility of a supply chain attack via Pulumi library?

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3298 25 full DEVSECOPS Talks #24 - Ways To Protect Yourself From Data Breaches And Mitigate Consequences DEVSECOPS Talks #24 - Ways To Protect Yourself From Data Breaches And Mitigate Consequences https://devsecops.podbean.com/e/devsecops-talks-24-ways-to-protect-yourself-from-data-breaches-and-mitigate-consequences/ https://devsecops.podbean.com/e/devsecops-talks-24-ways-to-protect-yourself-from-data-breaches-and-mitigate-consequences/#comments Mon, 22 Feb 2021 17:34:35 -0400 devsecops.podbean.com/03a96709-8951-3fb2-9a7e-84fd95653aa5 Last week (week 6, 2021), seven data breaches were announced. In this episode, we discuss the possible scenarios for preventing attackers from getting a hold of your data, whether private or company data. And tips on how to mitigate the consequences of data leaks in cases when you have no control over data management (think of breach of 3rd party service).

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Last week (week 6, 2021), seven data breaches were announced. In this episode, we discuss the possible scenarios for preventing attackers from getting a hold of your data, whether private or company data. And tips on how to mitigate the consequences of data leaks in cases when you have no control over data management (think of breach of 3rd party service).

 

Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2161 24 full DEVSECOPS Talks #23 - How Do We Run Kubernetes In The Cloud? DEVSECOPS Talks #23 - How Do We Run Kubernetes In The Cloud? https://devsecops.podbean.com/e/devsecops-talks-23-how-do-we-run-kubernetes-in-the-cloud/ https://devsecops.podbean.com/e/devsecops-talks-23-how-do-we-run-kubernetes-in-the-cloud/#comments Fri, 05 Feb 2021 05:55:05 -0400 devsecops.podbean.com/0d243da8-019b-386c-9d17-a786be94fa5e How do you run Kubernetes in the cloud? Still using Kops? Or is it time to jump to the managed offerings? We go through the list of things you might be missing out on if not yet using a managed solution. Also, in this episode - what do you always configure in the k8s cluster? CNI, Ingress, IAM, and even more!

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> How do you run Kubernetes in the cloud? Still using Kops? Or is it time to jump to the managed offerings?
We go through the list of things you might be missing out on if not yet using a managed solution.
Also, in this episode - what do you always configure in the k8s cluster? CNI, Ingress, IAM, and even more!

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2219 23 full DEVSECOPS Talks #22 - Who are Mattias, Julien and Andrey? DEVSECOPS Talks #22 - Who are Mattias, Julien and Andrey? https://devsecops.podbean.com/e/devsecops-talks-22-who-are-mattias-julien-and-andrey/ https://devsecops.podbean.com/e/devsecops-talks-22-who-are-mattias-julien-and-andrey/#comments Fri, 22 Jan 2021 08:41:33 -0400 devsecops.podbean.com/dde3b54f-b841-3030-b10a-3f53f24745de It's been almost a year since we started the podcast, but we never took time to explain who we are and what problems we solve for our customers/employers. So in this episode, you will find more details about us and, as usual, references to useful tools, talks, and techniques.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> It's been almost a year since we started the podcast, but we never took time to explain who we are and what problems we solve for our customers/employers. So in this episode, you will find more details about us and, as usual, references to useful tools, talks, and techniques.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1771 22 full DEVSECOPS Talks #21 - Surviving AWS Outage DEVSECOPS Talks #21 - Surviving AWS Outage https://devsecops.podbean.com/e/devsecops-talks-21-surviving-aws-outage/ https://devsecops.podbean.com/e/devsecops-talks-21-surviving-aws-outage/#comments Tue, 05 Jan 2021 07:23:16 -0400 devsecops.podbean.com/a670d920-ca43-3e3d-a3c5-38c2b53d7cec AWS had a severe incident at the end of November. Kinesis in us-east-1 went dark for quite some time, and a ripple effect caused degradation of other services like CloudWatch, ECS, and others. As a Cloud Engineering practitioner, how do you get yourself and your organization ready for a such turn of events?

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> AWS had a severe incident at the end of November. Kinesis in us-east-1 went dark for quite some time, and a ripple effect caused degradation of other services like CloudWatch, ECS, and others.
As a Cloud Engineering practitioner, how do you get yourself and your organization ready for a such turn of events?

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2076 21 full DEVSECOPS Talks #20-2020 - Monitoring Done Wrong or Dreaming For A Better Monitoring DEVSECOPS Talks #20-2020 - Monitoring Done Wrong or Dreaming For A Better Monitoring https://devsecops.podbean.com/e/devsecops-talks-20-2020-dreaming-for-a-better-monitoring/ https://devsecops.podbean.com/e/devsecops-talks-20-2020-dreaming-for-a-better-monitoring/#comments Mon, 07 Dec 2020 10:25:49 -0400 devsecops.podbean.com/88f54e11-7639-3807-927e-a7ea2e8a5d0a Andrey wants monitoring to be more magical, or does he want a wrong thing? What are the sane defaults? And why do we have to set up boilerplate monitoring again and again?    Mattias shares what he does for monitoring security events.    Julien explains why using logs to debug in a microservices architecture is costly and inefficient. 

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Andrey wants monitoring to be more magical, or does he want a wrong thing? What are the sane defaults? And why do we have to set up boilerplate monitoring again and again?
  
Mattias shares what he does for monitoring security events.
  
Julien explains why using logs to debug in a microservices architecture is costly and inefficient. 

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1862 20 full DEVSECOPS Talks #19-2020 - Deleting Resources In The Cloud DEVSECOPS Talks #19-2020 - Deleting Resources In The Cloud https://devsecops.podbean.com/e/devsecops-talks-19-2020-deleting-resources-in-the-cloud/ https://devsecops.podbean.com/e/devsecops-talks-19-2020-deleting-resources-in-the-cloud/#comments Mon, 23 Nov 2020 16:19:45 -0400 devsecops.podbean.com/a9ada73a-f126-3491-ad13-8cc0c889a225 How to decommission resources from your cloud environment to keep it clean?

What to do when a resource is created without being in the infrastructure code?

Andrey is going through a checklist he uses to delete resources and the utility serverless functions he wrote.

ArgoCD is a project that does GitOps and automatically delete resources in Kubernetes namespaces if they are not defined.

We talked about the different layers of abstraction for infrastructure as code and where it makes sense to have a terraform controller in a Kubernetes cluster to manage the application dependencies.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> How to decommission resources from your cloud environment to keep it clean?

What to do when a resource is created without being in the infrastructure code?

Andrey is going through a checklist he uses to delete resources and the utility serverless functions he wrote.

ArgoCD is a project that does GitOps and automatically delete resources in Kubernetes namespaces if they are not defined.

We talked about the different layers of abstraction for infrastructure as code and where it makes sense to have a terraform controller in a Kubernetes cluster to manage the application dependencies.

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 1862 19 full DEVSECOPS Talks #18-2020 - HashiConf Special DEVSECOPS Talks #18-2020 - HashiConf Special https://devsecops.podbean.com/e/devsecops-talks-18-2020-hashiconf-special/ https://devsecops.podbean.com/e/devsecops-talks-18-2020-hashiconf-special/#comments Mon, 26 Oct 2020 12:42:30 -0300 devsecops.podbean.com/429ee250-8aa8-3975-9270-f55d7da65ba2 Initially, we planned this episode as a discussion about HashiCorp Nomad and invited Jacob Lärfors. He recently published a great article about his experience working with Nomad (see link in the show notes). However, because of a few postponements, and with HashiConf that happened just a week ago, we decided to extend the podcast’s scope to go over all of the announcements that they did during the conference. So here it is - HashiConf special: all you need to know about everything that HashiCorp announced during the conference plus a discussion about Nomad!

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Initially, we planned this episode as a discussion about HashiCorp Nomad and invited Jacob Lärfors. He recently published a great article about his experience working with Nomad (see link in the show notes). However, because of a few postponements, and with HashiConf that happened just a week ago, we decided to extend the podcast’s scope to go over all of the announcements that they did during the conference. So here it is - HashiConf special: all you need to know about everything that HashiCorp announced during the conference plus a discussion about Nomad!

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2975 18 full DEVSECOPS Talks #17-2020 - Best Practices for Building Docker Images DEVSECOPS Talks #17-2020 - Best Practices for Building Docker Images https://devsecops.podbean.com/e/devsecops-talks-17-2020-best-practices-for-building-docker-images/ https://devsecops.podbean.com/e/devsecops-talks-17-2020-best-practices-for-building-docker-images/#comments Tue, 13 Oct 2020 12:50:12 -0300 devsecops.podbean.com/d2c5bfa5-c03a-3d7c-8087-fe1d204b9d46 This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it!

 

The topic of this episode is building docker images - automation, security, best practices.

 

In this episode, we discuss:

  • Saving money with T3a family
  • Building Docker images locally and in CI
  • Setting up deamonless Docker builds for CI and k8s
  • Using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable
  • Passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more)
  • Keeping Docker images updated with dependencies and updates
  • Scanning Docker images for vulnerabilities
  • Docker image layers caching - doing it right
  • DockerHub is to delete old images stored for free, and GitHub is ready to host them for you
  • Docker image naming so you can find all you need to debug quickly

 

In some of the information overlaps with episode #3 but greatly extends information provided before https://devsecops.fm/episodes/docker-secure-build/

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> This is the first episode in the new format - 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it!

 

The topic of this episode is building docker images - automation, security, best practices.

 

In this episode, we discuss:

  • Saving money with T3a family
  • Building Docker images locally and in CI
  • Setting up deamonless Docker builds for CI and k8s
  • Using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable
  • Passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more)
  • Keeping Docker images updated with dependencies and updates
  • Scanning Docker images for vulnerabilities
  • Docker image layers caching - doing it right
  • DockerHub is to delete old images stored for free, and GitHub is ready to host them for you
  • Docker image naming so you can find all you need to debug quickly

 

In some of the information overlaps with episode #3 but greatly extends information provided before https://devsecops.fm/episodes/docker-secure-build/

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2008 17 full DEVSECOPS Talks #16-2020 - Do you need a staging environment? DEVSECOPS Talks #16-2020 - Do you need a staging environment? https://devsecops.podbean.com/e/devsecops-talks-16-2020-do-you-need-stage/ https://devsecops.podbean.com/e/devsecops-talks-16-2020-do-you-need-stage/#comments Tue, 29 Sep 2020 08:47:48 -0300 devsecops.podbean.com/b93b9097-481a-35cf-845d-6b3354197062 In this episode, we discuss options for splitting your deployment stages. We hear people coming up with all possible type of environments - dev, test/QA, integration, stage, prod, etc How many do you actually need? What is the reason for having all those stages? Maybe do you need less? Why not deploy directly to production using some fancy technique?

Put it simply - stage or not to stage?

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> In this episode, we discuss options for splitting your deployment stages.
We hear people coming up with all possible type of environments - dev, test/QA, integration, stage, prod, etc
How many do you actually need? What is the reason for having all those stages?
Maybe do you need less? Why not deploy directly to production using some fancy technique?

Put it simply - stage or not to stage?

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2959 16 full DEVSECOPS Talks #15-2020 - Remote Work Security DEVSECOPS Talks #15-2020 - Remote Work Security https://devsecops.podbean.com/e/devsecops-talks-15-2020-remote-work-security/ https://devsecops.podbean.com/e/devsecops-talks-15-2020-remote-work-security/#comments Thu, 17 Sep 2020 09:50:57 -0300 devsecops.podbean.com/31b7f9be-5506-3396-aab9-66f2a30b8827 Let's talk about security in the era of remote work. Most of us have experienced a flaky VPN connection. What are the alternatives? SSH certificates? Yubikey?

We discussed various topics around security inside a cluster and outside.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Let's talk about security in the era of remote work. Most of us have experienced a flaky VPN connection.
What are the alternatives? SSH certificates? Yubikey?

We discussed various topics around security inside a cluster and outside.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3025 15 full DEVSECOPS Talks #14-2020 - Theory of constraint DEVSECOPS Talks #14-2020 - Theory of constraint https://devsecops.podbean.com/e/devsecops-talks-14-2020-theory-of-constraint/ https://devsecops.podbean.com/e/devsecops-talks-14-2020-theory-of-constraint/#comments Mon, 31 Aug 2020 06:30:31 -0300 devsecops.podbean.com/baa40975-7c5b-3893-a1b4-a427fca31da7 This time, we are joined by Henrik Høegh who shares his unique perspective on applying the theory of constraint to IT transformation as well as how it applies in the world of Cloud Native. We go back to the origin of DevOps, discussing the various problems companies are facing when transforming their organizations and adopting cultural changes.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> This time, we are joined by Henrik Høegh who shares his unique perspective on applying the theory of constraint to IT transformation as well as how it applies in the world of Cloud Native. We go back to the origin of DevOps, discussing the various problems companies are facing when transforming their organizations and adopting cultural changes.

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3560 14 full DEVSECOPS Talks #13-2020 - All you need to know about setting up HashiCorp Vault DEVSECOPS Talks #13-2020 - All you need to know about setting up HashiCorp Vault https://devsecops.podbean.com/e/devsecops-talks-13-2020-setting-up-hashicorp-vault/ https://devsecops.podbean.com/e/devsecops-talks-13-2020-setting-up-hashicorp-vault/#comments Tue, 18 Aug 2020 04:57:49 -0300 devsecops.podbean.com/227f0309-efd0-3d1e-ae6d-a3d7dead389c Mattias wants to setup HashiCorp Vault and quizzes Andrey how to do that.

We cover a lot of ground - from basic Vault concepts to setting it up and hardening.

]]> Mattias wants to setup HashiCorp Vault and quizzes Andrey how to do that.

We cover a lot of ground - from basic Vault concepts to setting it up and hardening.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3124 13 full DEVSECOPS Talks #12-2020 - Scale and Scaling DEVSECOPS Talks #12-2020 - Scale and Scaling https://devsecops.podbean.com/e/scale-and-scaling/ https://devsecops.podbean.com/e/scale-and-scaling/#comments Mon, 03 Aug 2020 05:02:47 -0300 devsecops.podbean.com/d344e1d8-c2c8-3d62-8ce9-efd5497fdc58 Julien and Andrey got together to define the scale and ways to automate the scaling of your infrastructure in response to changes in load patterns. What are the prerequisites implementing scaling? What is cooling down, warm up, horizontal and vertical scaling, scale-up, and scale in? What are the metrics that could be useful for making scaling decisions? And last but not least, the very unexpected spin that Julien gives to the conversation. 

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Julien and Andrey got together to define the scale and ways to automate the scaling of your infrastructure in response to changes in load patterns.
What are the prerequisites implementing scaling? What is cooling down, warm up, horizontal and vertical scaling, scale-up, and scale in? What are the metrics that could be useful for making scaling decisions?
And last but not least, the very unexpected spin that Julien gives to the conversation. 

 

Visit https://devsecops.fm to see show notes and https://gitter.im/devsecopstalks/community to join a discussion

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3299 12 full DEVSECOPS Talks #11-2020 - AWS Security Maturity Roadmap 2020 DEVSECOPS Talks #11-2020 - AWS Security Maturity Roadmap 2020 https://devsecops.podbean.com/e/devsecops-talks-11-2020-aws-security-maturity-roadmap-2020/ https://devsecops.podbean.com/e/devsecops-talks-11-2020-aws-security-maturity-roadmap-2020/#comments Fri, 10 Jul 2020 03:55:45 -0300 devsecops.podbean.com/7f8b1dd8-1dc1-5c84-8fc6-262bfe0d1cdc This time we are discussing the white paper by Summit Route - AWS Security Maturity Roadmap 2020. Tune in to learn more about the white paper and recommendations that we pile up on top of it. To view show notes visit https://devsecops.fm Chat with hosts and suggest topics for upcoming episodes at our Gitter channel https://gitter.im/devsecopstalks/community

]]> This time we are discussing the white paper by Summit Route - AWS Security Maturity Roadmap 2020. Tune in to learn more about the white paper and recommendations that we pile up on top of it.
To view show notes visit https://devsecops.fm
Chat with hosts and suggest topics for upcoming episodes at our Gitter channel https://gitter.im/devsecopstalks/community

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3368 11 full DEVSECOPS Talks #10-2020 - Are we wrong about Terragrunt? DEVSECOPS Talks #10-2020 - Are we wrong about Terragrunt? https://devsecops.podbean.com/e/devsecops-talks-10-2020-are-we-wrong-about-terragrunt/ https://devsecops.podbean.com/e/devsecops-talks-10-2020-are-we-wrong-about-terragrunt/#comments Fri, 26 Jun 2020 11:44:31 -0300 devsecops.podbean.com/6431c5c2-c3f2-5b0e-be13-6138277b11f6 Our guest speaker is Anton Babenko he is DevSecOps Talks podcast fan, AWS Community Hero, Terraform fanatic, HashiCorp Ambassador and a prolific open source contributor. After listening to episode #9 Terraform in CI and #1 Infrastructure as code, Anton decided that enough is enough and volunteered to give his point of view on Terragrunt since he though that we are missing a few important points. In this episode, we are discussing the use cases of Terragrunt, a wrapper around Terraform for working with multiple environment and modules.

]]> Our guest speaker is Anton Babenko
he is DevSecOps Talks podcast fan, AWS Community Hero, Terraform fanatic, HashiCorp Ambassador and a prolific open source contributor.
After listening to episode #9 Terraform in CI and #1 Infrastructure as code,
Anton decided that enough is enough and volunteered to give his point of view on Terragrunt since he though that we are missing a few important points.
In this episode, we are discussing the use cases of Terragrunt,
a wrapper around Terraform for working with multiple environment and modules.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3145 10 full DEVSECOPS Talks #9-2020 - Terraform in CI DEVSECOPS Talks #9-2020 - Terraform in CI https://devsecops.podbean.com/e/devsecops-talks-9-2020-terraform-in-ci/ https://devsecops.podbean.com/e/devsecops-talks-9-2020-terraform-in-ci/#comments Sat, 06 Jun 2020 10:13:42 -0300 devsecops.podbean.com/d1c13a70-03b6-57a6-a8a2-70efc659b4ec How do you start to implement a CI pipeline when dealing with infrastructure as code implemented via Terraform? What are the security concerns when the credentials to the whole kingdom are used in an automated process? In this episode, we discuss the various security and feasibility aspects of using Terraform in a CI pipeline.

We start the episode by catching up with what we’ve been working on. Feel free to skip to 11:52 if you want to go directly to the topic. Having an automated process to deploy and manage infrastructure has advantages such as fast feedback and collaboration. The code for the infrastructure is treated like an application that is versioned, tested, and deployed.

Show notes are available at https://devsecops.fm/episodes/terraform-in-ci/

]]> How do you start to implement a CI pipeline when dealing with infrastructure as code implemented via Terraform? What are the security concerns when the credentials to the whole kingdom are used in an automated process? In this episode, we discuss the various security and feasibility aspects of using Terraform in a CI pipeline.

We start the episode by catching up with what we’ve been working on. Feel free to skip to 11:52 if you want to go directly to the topic. Having an automated process to deploy and manage infrastructure has advantages such as fast feedback and collaboration. The code for the infrastructure is treated like an application that is versioned, tested, and deployed.

Show notes are available at https://devsecops.fm/episodes/terraform-in-ci/

]]> How do you start to implement a CI pipeline when dealing with infrastructure as code ? What are the security concerns when the credentials to the whole kingdom are used in an automated process ? In this episode, we discuss the various security and feasibility aspects of using terraform in a CI pipeline. Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3065 9 full DEVSECOPS Talks #8-2020 - DevOps What DEVSECOPS Talks #8-2020 - DevOps What https://devsecops.podbean.com/e/devsecops-talks-8-2020-devops-what/ https://devsecops.podbean.com/e/devsecops-talks-8-2020-devops-what/#comments Mon, 25 May 2020 05:12:56 -0300 devsecops.podbean.com/690df5c8-329e-5550-8e80-e5436c975d5c Andrey tells us the story of how DevOps came into existence and took over the market. We discuss the marketing around it, its relationship with DevSecOps. We tried to shed a light on what is marketing strategy versus implementing DevOps in an organization. We also compared DevOps to SRE (Site Reliability Engineering)

]]> Andrey tells us the story of how DevOps came into existence and took over the market. We discuss the marketing around it, its relationship with DevSecOps. We tried to shed a light on what is marketing strategy versus implementing DevOps in an organization. We also compared DevOps to SRE (Site Reliability Engineering)

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3188 8 full DEVSECOPS Talks #7-2020 - How do we learn DEVSECOPS Talks #7-2020 - How do we learn https://devsecops.podbean.com/e/devsecops-talks-7-2020-how-do-we-learn/ https://devsecops.podbean.com/e/devsecops-talks-7-2020-how-do-we-learn/#comments Wed, 06 May 2020 17:09:08 -0300 devsecops.podbean.com/88f8b2d7-fce8-5db7-87aa-9d5205619789 In this episode, Mattias, Julien, and Andrey share tips and tricks on how to stay on top of what is going on in the industry, resources they use for continuous learning. Make sure to visit devsecops.fm to check out show notes that contain references to resources mentioned during discussion and more

]]> In this episode, Mattias, Julien, and Andrey share tips and tricks on how to stay on top of what is going on in the industry, resources they use for continuous learning. Make sure to visit devsecops.fm to check out show notes that contain references to resources mentioned during discussion and more

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 2808 7 full DEVSECOPS Talks #6-2020 - SemVer or not to SemVer DEVSECOPS Talks #6-2020 - SemVer or not to SemVer https://devsecops.podbean.com/e/devsecops-talks-6-2020-semver-or-not-to-semver/ https://devsecops.podbean.com/e/devsecops-talks-6-2020-semver-or-not-to-semver/#comments Wed, 06 May 2020 17:08:55 -0300 devsecops.podbean.com/37cc7c5d-2105-5baa-83e6-8fb09ccb7528 This time Johan Abildskov, a Senior Consultant with Praqma/Eficode, joins us to talk about SemVer (Semantic Versioning), and we finally get to hear what Julien has to say about it. We get to explore different options regarding versioning and how it helps humans communicate. At the end of the podcast, everyone gets to share their approach and recommendations for versioning things.

]]> This time Johan Abildskov, a Senior Consultant with Praqma/Eficode, joins us to talk about SemVer (Semantic Versioning), and we finally get to hear what Julien has to say about it. We get to explore different options regarding versioning and how it helps humans communicate. At the end of the podcast, everyone gets to share their approach and recommendations for versioning things.

]]> Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin false No 3689 6 full DEVSECOPS Talks #5-2020 - What we have been working on DEVSECOPS Talks #5-2020 - What we have been working on https://devsecops.podbean.com/e/devsecops-talks-5-2020-what-we-have-bean-working-on/ https://devsecops.podbean.com/e/devsecops-talks-5-2020-what-we-have-bean-working-on/#comments Tue, 07 Apr 2020 07:36:03 -0300 devsecops.podbean.com/ebdbb688-dd12-5c1e-80cc-2f7d53b4c117 We had a couple of possible topics for this episode but before getting started with them we decided to discuss what technological problems we were solving during the last two weeks. Well, turns out there was quite a lot to discuss. Tune in for tips on ssh session logging on the ssh server, preventing downloads from AWS S3 even if you got read access, credentials in Git repository 🤦, why you should (or should not) do K8S and more.

]]> We had a couple of possible topics for this episode but before getting started with them we decided to discuss what technological problems we were solving during the last two weeks. Well, turns out there was quite a lot to discuss. Tune in for tips on ssh session logging on the ssh server, preventing downloads from AWS S3 even if you got read access, credentials in Git repository 🤦, why you should (or should not) do K8S and more.

]]> devsecops false No 3633 5 full DEVSECOPS Talks #4-2020 - Is docker more secure then VM DEVSECOPS Talks #4-2020 - Is docker more secure then VM https://devsecops.podbean.com/e/is-docker-more-secure-then-vm/ https://devsecops.podbean.com/e/is-docker-more-secure-then-vm/#comments Thu, 26 Mar 2020 10:14:19 -0300 devsecops.podbean.com/236a1d88-09e2-5231-9da3-bb614acfbfd3 In this episode Mattias is trying to convince that running docker in k8s is more security then VM. Did he success ? listen and find out.

]]> In this episode Mattias is trying to convince that running docker in k8s is more security then VM. Did he success ? listen and find out.

]]> devsecops false No 3330 4 full DEVSECOPS Talks #3-2020 - Docker securing builds DEVSECOPS Talks #3-2020 - Docker securing builds https://devsecops.podbean.com/e/devsecops-talks-3-2020-docker-securing-builds/ https://devsecops.podbean.com/e/devsecops-talks-3-2020-docker-securing-builds/#comments Fri, 20 Mar 2020 04:45:44 -0300 devsecops.podbean.com/2d8d3583-2556-5c04-a873-6d86e3a3dceb Your docker images and build are be coming the base for our platform. But are they secure? In this episode we talk about how you can secure your docker images.

]]> Your docker images and build are be coming the base for our platform. But are they secure? In this episode we talk about how you can secure your docker images.

]]> devsecops false No 2272 3 full DEVSECOPS Talks #2-2020 - GitOps DEVSECOPS Talks #2-2020 - GitOps https://devsecops.podbean.com/e/devsecops-1-2020-gitops/ https://devsecops.podbean.com/e/devsecops-1-2020-gitops/#comments Fri, 20 Mar 2020 03:44:04 -0300 devsecops.podbean.com/9ca8d72d-1656-55a3-ae8a-81d14859cf7f Gitops a new concept on devops. Whats is it and how can you use it when deploy and setup your k8s cluster. 

]]> Gitops a new concept on devops. Whats is it and how can you use it when deploy and setup your k8s cluster. 

]]> devsecops false No 1091 2 full DEVSECOPS Talks #1-2020 - Infra as code DEVSECOPS Talks #1-2020 - Infra as code https://devsecops.podbean.com/e/devsecops-1-2020-infra-as-code/ https://devsecops.podbean.com/e/devsecops-1-2020-infra-as-code/#comments Thu, 19 Mar 2020 18:34:32 -0300 devsecops.podbean.com/6120c241-aeda-5f90-baf5-121aee0430b1 Are infra as code always the best way to go and if not when and where should you use it. Here we are trying to better understand when its god to use and when its not. 

]]> Are infra as code always the best way to go and if not when and where should you use it. Here we are trying to better understand when its god to use and when its not. 

]]> devsecops false No 3006 1 full