The Cloudcast

How to Secure DevOps



Dan “Pop” Papandrea (@danpopnyc, Field CTO @Sysdig, Host @PopcastPop) talks about securing DevOps, how to secure containers and runtimes, and the cultural challenges of security in an agile world.

SHOW: 460

SHOW SPONSOR LINKS:

  • Datadog Security Monitoring Homepage - Modern Monitoring and Analytics
  • Try Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt
  • strongDM Homepage
  • Start your free 14 day trial today at: strongdm.com/cloudcast


CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

PodCTL Podcast is Back (Enterprise Kubernetes) - http://podctl.com

SHOW NOTES:

  • Sysdig Homepage
  • ThePOPcast with Dan POP Homepage
  • Escape 2019 talk 
  • Webinar on the top 5 Pipeline considerations we did with Booz Allen 


Topic 1 - Welcome to the show. I first got to know you through your podcast The POPcast, but you’ve been around this evolution of the cloud for quite a while. Tell us a bit about your background.

Topic 2 - There’s a concept that’s now been around a couple years called “DevSecOps”. Originally it was “Sec” being jammed in there because it had been excluded from the early days of DevOps (at least in practice). Where are we with DevSecOps today? 

Topic 3 - Let’s talk about DevSecOps in the context of containers. We now have things like Container Scanning, Container Signing, and Immutable Infrastructure and yet security still concerns people. Isn’t the “software supply chain” supposed to weed out the vulnerabilities before they get into the production systems?

Topic 4 - One of the challenges that companies have in adopting containers is that they were used to having root access to hosts, and containers live in the user space. How can security tools fit into a container world? 

Topic 5 - As you talk to lots of companies, how are they dealing with the cultural challenges that go along with implementing DevSecOps? 

Topic 6 - Any tips or suggestions you can share to help people avoid common DevSecOps mistakes, or accelerate best practices and wider adoption?


FEEDBACK?

  • Email: show at thecloudcast dot net
  • Twitter: @thecloudcastnet

The Cloudcast, by Massive Studios
