How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game. Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here. Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO ..read more

How widespread is Infrastructure-as-Code adoption? What tools are dominating the IaC space? Could AI play a disruptive role? Join us as we dig into Firefly's comprehensive State of IaC Report and explore the latest trends with co-founder Eran Bibi. Tune in for a must-listen episode on where organizations currently stand in codifying cloud resources, and key insights into the future of managing Infrastructure-as-Code. Download The State of IaC Report Eran Bibi is Co-Founder & Chief Product Officer at Firefly. With years of experience in anything DevOps/SRE and security, he has earned a repu ..read more

How can you gain deeper insights into your complex systems beyond just monitoring infrastructure health metrics? Join us as Charity Majors, CTO and Co-Founder of Honeycomb, challenges traditional approaches to observability. With experience from the infrastructure trenches of fast-growing startups, Charity pushes us to rethink our methods. Can high-cardinality data exploration reveal the "unknown unknowns" hiding in your telemetry? Is prioritizing user experiences over infrastructure stats the key to untangling your "hairball" systems? And what role should observability play across the full so ..read more

In this episode, we chat with Mandi Walls, DevOps Advocate at PagerDuty, about the evolution of infrastructure management and operations over her career. We discuss the rise of configuration management tools like Chef and Puppet, and how Infrastructure-as-Code solutions like Terraform are now better suited for cloud-native environments. Mandi shares insights on key shifts like increased automation to reduce incidents, centralizing infrastructure code management, and using Terraform providers to configure SaaS products. Tune in for a thoughtful perspective on how infrastructure teams have matur ..read more

In this episode, we are thrilled to welcome infrastructure industry veteran Robert Hafner. With over 15 years of hands-on experience under his belt, Robert has witnessed infrastructure practices evolve firsthand - from patched together bash scripts to modern declarative approaches. Today, he joins us to offer pragmatic perspectives on infrastructure as code maturity, drawn from his own journey towards increased confidence and reliability over time. Tune in as we plumb the depths of real-world IaC adoption, exploring everything from infrastructure testing practices to state management considera ..read more

In our tenth episode with Derek Morgan, DevOps Course Creator and founder of morethancertified.com, we discuss how IaC management has shifted over the years, which technologies and tools are the best for different use cases, and the current state of IaC solutions and providers. Listen now! After working for years in traditional infrastructure management, consulting, and Devrel, Derek Morgan is now the founder and lead instructor for morethancertified.com, creating training courses that cover topics from containers to the cloud. If he's not creating training, you can find him training for a mar ..read more

In our ninth episode, we chat with Anton Babenko, AWS Community Hero and Terraform Influencer, to take a deep dive into AWS, modules, and contributing to the open-source community. Tune-in now!Anton is an AWS Community Hero and helps companies around the globe build solutions using AWS and specializes in infrastructure-as-code, DevOps, and reusable infrastructure components. He spends much of his time as an open-source contributor on various Terraform & AWS projects. Such as Terraform AWS modules (downloaded more than 200 million times), Terraform best practices ebook (www.terraform-best-p ..read more

A ..read more

A ..read more

A ..read more