DevSec For Scale from Akeyless
41 FOLLOWERS
Cybersecurity. InfoSec. DevSecOps. AppSec. Should companies be talking about these subjects only when they become too large? NO! According to a study by BullGuard study in 2020, 43% of SMB owners have no cybersecurity defense plan in place at all leaving their most sensitive financial, customer, and business data, and ultimately their companies, at significant risk. This podcast will bring..
DevSec For Scale from Akeyless
8M ago
How do you ensure developers make the best security decisions when building their applications?
In this episode, Roy Avrahamy, Application Security Engineer at Akeyless Security gives us great insights into how to make sure your developers keep their minds on application security while still developing code at a fast pace. We discuss ideas about continuous learning, gamification, hackathons, and more ..read more
DevSec For Scale from Akeyless
10M ago
Can cyber attacks and risk be managed by machines alone?
In this episode, Lidan Hazout, Risk & Fraud Detection Director at Transmit Security talks to us about how he is working to create Machine Learning algorithms to actually stop cybersecurity attacks before they even happen. We get into a lot of detail about how the algorithms decide good versus bad and what the more sophisticated types of attacks are out there.
If you're looking for the website Lidan mentions toward the end where you can practice your cyber skills, check out https://www.kaggle.com ..read more
DevSec For Scale from Akeyless
10M ago
Are you working on maturing your company's security?
In this episode of DevSec For Scale, we hear from Raz Probstein, Solution Engineer at Jit, about the various methods companies have been using to up their security game. But one methodology stands out to both her and the company she works for, OWASP DSOMM.
DSOMM focuses on DevSecOps security. There are quite a few differences between DSOMM and other models, and Raz breaks down why you should consider DSOMM when leveling up security.
Check out Raz's slides from her recent talk about this topic at the OWASP AppSecIL 2023 conference: https://do ..read more
DevSec For Scale from Akeyless
1y ago
How do you actually get started managing secrets?
In this episode of DevSec For Scale, we are joined by Jeroen for a third time to discuss the real ins and outs of getting started with secrets management. We talk about threat modeling, CI/CD, and even multi-cloud secrets management ..read more
DevSec For Scale from Akeyless
1y ago
What challenges are there with observability in modern microservices environments?
Yosef Arbiv, Engineering Group Leader at Epsagon (Acquired by Cisco), joins the podcast to discuss observability best practices as well as the Open Telemetry project and how observability impacts the overall security health of an organization ..read more
DevSec For Scale from Akeyless
1y ago
In this episode of DevSec For Scale, we follow up our previous episode with some really great information about how the OWASP WrongSecrets project came about and how they manage everything, as well as how users can join and help with fixes, add challenges, and features. Jeroen also discusses the future of the project.
To learn more, go to https://owasp.org/www-project-wrongsecrets/ or star the repo at https://github.com/commjoen/wrongsecrets ..read more
DevSec For Scale from Akeyless
1y ago
How do you approach E2E and Integration testing in the new and complex world of Kubernetes and multi-cloud environments?
Arjun Iyer, CEO & Co-Founder of Signadot joins the podcast for a very interesting and informative episode on how testing needs to shift left as we rapidly grow our development environments to the latest and greatest in infrastructure orchestration and application security ..read more
DevSec For Scale from Akeyless
1y ago
What is the importance of Secrets Management and how has it evolved to where it is now?
In this episode of the DevSec For Scale podcast, Jeroen Willemsen, one of two project leads for the OWASP WrongSecrets project, gives us a short history of secrets management in the OWASP universe and goes into how he sees the future of secrets in the enterprise.
Check out the WrongSecrets Project: https://owasp.org/www-project-wrongsecrets ..read more
DevSec For Scale from Akeyless
1y ago
How has threat modeling evolved and how can security help make it easier for developers to implement that practically into their code?
In this episode, Maran Gunasekaran, Principal Security Consultant at Practical DevSecOps gives us a rundown of what threat modeling used to mean and how developers can translate threat models into actual threat modeling as code. He also offers real-world examples of how security and developers align on threat modeling when shipping code ..read more
DevSec For Scale from Akeyless
1y ago
Why do security teams and developers clash, and how can we ensure there is better collaboration between them?
In this episode, Ravid Circus, Co-Founder & CPO at Seemplicity talks about his experience with security teams and how their requests are handled by the development teams. He also gets into how security teams should track progress and handle backlogs based on priorities ..read more