Bad security and reliability practices can lead to outages that affect millions. It’s time for security to join the DevOps movement. And in a DevSecOps world, we can get creative about improving security. Vincent Danen tells us how that’s led to a drastic increase in what’s considered a vulnerability. Jesse Robbins, the former master of disaster at Amazon, explains how companies prepare for catastrophic breakdowns and breaches. And Josh Bressers, head of product security at Elastic, looks to the future of security in tech.

The One About DevSecOps: Evolving Security and Reliability

Stories about the people transforming technology from the command line up.

Society & Culture

Personal Journals

History

Philosophy

Places & Travel

Technology

Tech News

Podcasting

Gadgets

Software How-To

Business

Investing

Careers

Management & Marketing

Business News

Shopping

Our show is all about heroes making great strides in technology. But in InfoSec, not every hero expects to ride off into the sunset. In our series finale, we tackle vulnerability scans, how sharing information can be a powerful tool against cyber crime, and why it’s more important than ever for cybersecurity to have more people, more eyes, and more voices, in the fight.

Wietse Venema gives us the story of SATAN, and how it didn’t destroy the world as expected. Maitreyi Sistla tells us how representation helps coders build things that work for everyone. And Mary Chaney shines a light on how hiring for a new generation can prepare us for a bold and brighter future.

All Together Now

What began as a supposed accounting error landed Cliff Stoll in the midst of database intrusions, government organizations, and the beginnings of a newer threat—cyber-espionage. This led the eclectic astronomer-cum-systems administrator to create what we know today as intrusion detection. And it all began at a time when people didn’t understand the importance of cybersecurity. 

This is a story that many in the infosec community have already heard, but the lessons from Stoll’s journey are still relevant. Katie Hafner gives us the background on this unbelievable story. Richard Bejtlich outlines the “honey pot” that finally cracked open the international case. And Don Cavender discusses the impact of Stoll’s work, and how it has inspired generations of security professionals.

Invisible Intruders

It’s a strange situation when someone can hold something hostage from halfway around the world. It’s tragic when your own pictures and files are remotely encrypted. But when it’s a hospital’s system? Ransomware becomes a problem about life or death. 

Eddy Willems recounts his involvement in defeating an early ransomware attack that targeted AIDS researchers. At the time, there was a way to discover the encryption key. But as Moti Yung warned, asymmetric encryption would change everything. In the years since, ransomware attacks have become much more popular—thanks in part to the rise of cryptocurrencies. While criminals think it’s an anonymous way to collect payment, Sheila Warren tells us that the opposite is actually true.

Ruthless Ransomers

All communication leaves the possibility for crossed wires. And as we become more connected, there’s a chance for those with ill intentions to steal our information and meddle in our daily lives—with devastating results. 

Smriti Bhatt breaks down the complexity behind machine-in-the-middle attacks. Johannes Ullrich tells us why we shouldn’t always trust that free WiFi. And the “father of SSL” Taher Elgamal notes that while cryptography can address the increasingly sophisticated nature of malware, there are no safe bets in security.

Menace in the Middle

Overwhelming numbers are scary—even in the best of circumstances. You can plan for them, build up your defenses, and do everything imaginable to prepare. But when that horde of zombies hits, their sheer numbers can still cause devastation. 

Botnets are digital zombie hordes. Jamie Tomasello recounts the scale of the Bredolab botnet—and the many malicious kinds of missions it carried out. Martijn Grooten explains how botnets work, and why they can be so difficult to permanently dismantle. And Darren Mott shares some of the successes the FBI had in rounding up some of the world’s most prolific bot herders.

The One About DevSecOps: Evolving Security and Reliability

Download our free app to listen on your phone