DevSec For Scale from Akeyless

Cybersecurity. InfoSec. DevSecOps. AppSec. Should companies be talking about these subjects only when they become too large? NO! Should cybersecurity be a priority for every company, no matter the size? YES! According to a study by BullGuard study in 2020, 43% of SMB owners have no cybersecurity defense plan in place at all – leaving their most sensitive financial, customer and business data, and ultimately their companies, at significant risk. Many startup and SMB companies will admit that security is not on their list of top 3 things to think about.... maybe even top 5. This podcast will bring together experts, authors, and practitioners from all areas of the security ecosystem to discuss best practices and better ways for small companies to protect their data and networks.

Listen on:

  • Podbean App
  • PlayerFM

Episodes

Tuesday Jan 16, 2024

How do you manage infrastructure-as-code and keep it secure? And can you keep open source fully open?
In this episode, Ohad Maislish, Co-Founder and CEO at Env0 and OpenTofu Supporter discuss the evolution of infrastructure management, how OpenTofu started, and how to ensure security is baked into your code.
Check out Ohad's podcast, The IaC Podcast as well: https://www.theiacpodcast.com/

Wednesday Aug 16, 2023

How do you ensure developers make the best security decisions when building their applications?
In this episode, Roy Avrahamy, Application Security Engineer at Akeyless Security gives us great insights into how to make sure your developers keep their minds on application security while still developing code at a fast pace. We discuss ideas about continuous learning, gamification, hackathons, and more.

Tuesday Jun 20, 2023

Can cyber attacks and risk be managed by machines alone?
In this episode, Lidan Hazout, Risk & Fraud Detection Director at Transmit Security talks to us about how he is working to create Machine Learning algorithms to actually stop cybersecurity attacks before they even happen. We get into a lot of detail about how the algorithms decide good versus bad and what the more sophisticated types of attacks are out there.
If you're looking for the website Lidan mentions toward the end where you can practice your cyber skills, check out https://www.kaggle.com/.

Tuesday May 30, 2023

Are you working on maturing your company's security?
In this episode of DevSec For Scale, we hear from Raz Probstein, Solution Engineer at Jit, about the various methods companies have been using to up their security game. But one methodology stands out to both her and the company she works for, OWASP DSOMM.
DSOMM focuses on DevSecOps security. There are quite a few differences between DSOMM and other models, and Raz breaks down why you should consider DSOMM when leveling up security.
Check out Raz's slides from her recent talk about this topic at the OWASP AppSecIL 2023 conference: https://docs.google.com/presentation/d/1oI4n_YjXDIhshl8mgEJTlYFMI6UznZHKRsxvkmDvA2U/

Tuesday May 02, 2023

Do you wish you could log into all your apps without passwords? Enter asymmetric cryptography.
In this episode, Mike Malone, CEO and Founder of Smallstep walks us through how we got to where we are with password and secrets management and offers us ideas about how to change the way we think about credential security.

Wednesday Feb 15, 2023

How do you actually get started managing secrets?
In this episode of DevSec For Scale, we are joined by Jeroen for a third time to discuss the real ins and outs of getting started with secrets management. We talk about threat modeling, CI/CD, and even multi-cloud secrets management.

Tuesday Feb 07, 2023

What challenges are there with observability in modern microservices environments?
Yosef Arbiv, Engineering Group Leader at Epsagon (Acquired by Cisco), joins the podcast to discuss observability best practices as well as the Open Telemetry project and how observability impacts the overall security health of an organization.

Wednesday Oct 19, 2022

In this episode of DevSec For Scale, we follow up our previous episode with some really great information about how the OWASP WrongSecrets project came about and how they manage everything, as well as how users can join and help with fixes, add challenges, and features. Jeroen also discusses the future of the project.
To learn more, go to https://owasp.org/www-project-wrongsecrets/ or star the repo at https://github.com/commjoen/wrongsecrets/.

Wednesday Sep 28, 2022

How do you approach E2E and Integration testing in the new and complex world of Kubernetes and multi-cloud environments?
Arjun Iyer, CEO & Co-Founder of Signadot joins the podcast for a very interesting and informative episode on how testing needs to shift left as we rapidly grow our development environments to the latest and greatest in infrastructure orchestration and application security.

Tuesday Sep 13, 2022

What is the importance of Secrets Management and how has it evolved to where it is now?
In this episode of the DevSec For Scale podcast, Jeroen Willemsen, one of two project leads for the OWASP WrongSecrets project, gives us a short history of secrets management in the OWASP universe and goes into how he sees the future of secrets in the enterprise.
Check out the WrongSecrets Project: https://owasp.org/www-project-wrongsecrets/

Image

Your Title

This is the description area. You can write an introduction or add anything you want to tell your audience. This can help potential listeners better understand and become interested in your podcast. Think about what will motivate them to hit the play button. What is your podcast about? What makes it unique? This is your chance to introduce your podcast and grab their attention.

Copyright 2022 All rights reserved.

Podcast Powered By Podbean

Version: 20240731