Podcast about DevSecOps

We talk like no one is listening except that we record it

This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do right technology bets, help their organizations to deliver value and last but not the least to have some fun. Tune in for talks about technology, ways of working and news from DevSecOps.

We created this podcast because we realized that we were not the only ones to struggle with security on a daily basis. It is also difficult to find information without marketing content or a product pitch. We don’t intend to sell anything, now or later.

This show is not sponsored by any technology vendor and we are trying to be as unbiased as possible. We talk like no one is listening! For good or bad 😉.

Want to join discussion?

Discuss or suggest topics for upcoming episodes, chat with podcast guests, hosts and fans at the podcast’s Gitter channel

What is DevSecOps

As DevOps improved the collaboration between developers (dev) and operations (ops), DevSecOps includes security aspects into the development and operation of applications. It adds the dimension of security to a DevOps culture.

Enjoy the talks and feel free to participate.

#78 - Building AI Tools For IaC Compliance - ep.#78

In this guest episode, we chat with Davlet Dzhakishev, co-founder of Cloudgeni, who’s working on an AI-powered approach to fixing compliance issues in IaC. What’s the state of tools in this space? Where does his idea fit in? And how should we think about the relationship between compliance and security? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#77 - Chaos Engineering Explained: Part 2 - ep.#77

Part two of our chaos engineering series is here! Join Andrey, Mattias, and Paulina as they talk through practical strategies for chaos engineering. Who should do it? How can you start? And what are the essential prerequisites? Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#76 - Chaos Engineering Explained: Part 1 - ep.#76

Chaos engineering—is it really chaos, or something more structured? Andrey, Paulina, and Mattias talk about what chaos engineering means, how it started, and why you might already be using it unintentionally. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#75 - Learning from the Crisis: Post-Incident Actions - ep.#75

This is the final episode of our three-part series on incident response. We focus on what happens after the dust settles. How do you learn from what went wrong and avoid repeating it? Tune in to hear our top recommendations. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#74 - From Preparation To Execution: Handling An Active Incident - ep.#74

What keeps an incident from spiraling out of control? How can you organize your team on the spot? We continue our series on incident response, moving from preparation to real-time actions. Mattias shares key points from his course. Listen to learn how we handle incidents step by step. Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#73 - Incident Response: Key Preparations You Need - ep.#73

Incident response can be complex, but where do you start? Andrey, Mattias, and Paulina dive into the preparation steps you need to take. Mattias shares his expertise from teaching an incident response course. What’s their top recommendation? Listen and find out! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#72 - AWS Resource Control Policies (RCPs) - ep.#72

We are looking into recently announced AWS Resource Control Policies. What are they? How are they different from Service Control Policies? What is a Data Perimeter? Tune in to find out!

Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#71 - Unpacking The Dora Accelerate State Of Devops Report - ep.#71

In this episode, Andrey, Mattias, and Paulina break down the new DORA Accelerate State of DevOps report. What’s changed since the last report? What do these insights mean for your team? Tune in for our insightful conversation! Connect with us on LinkedIn or Twitter (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.

#70 - System Initiative Goes Ga - ep.#70

Andrey, Mattias, and Paulina are joined by Paul Stack, an IaC tools developer and a frequent guest on the show. He’s back to discuss the general availability of System Initiative and share what has changed since his last visit when they talked about the early beta of the tool. Will this be a revolution or evolution in Infrastructure as Code tooling? Do we really need collaborative infrastructure management tools? Tune in to find out!

#69 - Who Is Paulina? - ep.#69

Join Andrey and Mattias as they sit down with Paulina Dubas, an independent DevOps consultant and public speaker. Who is Paulina, and what experiences does she bring to the table? What topics particularly resonate with her? Tune in to learn more about Paulina since we have a feeling that she is here to stay