40.5K
Downloads
79
Episodes
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show notes, and discussion of past and upcoming episodes visit devsecops.fm
Episodes
Saturday Jun 06, 2020
Saturday Jun 06, 2020
How do you start to implement a CI pipeline when dealing with infrastructure as code implemented via Terraform? What are the security concerns when the credentials to the whole kingdom are used in an automated process? In this episode, we discuss the various security and feasibility aspects of using Terraform in a CI pipeline.
We start the episode by catching up with what we’ve been working on. Feel free to skip to 11:52 if you want to go directly to the topic. Having an automated process to deploy and manage infrastructure has advantages such as fast feedback and collaboration. The code for the infrastructure is treated like an application that is versioned, tested, and deployed.
Show notes are available at https://devsecops.fm/episodes/terraform-in-ci/
Monday May 25, 2020
Monday May 25, 2020
Andrey tells us the story of how DevOps came into existence and took over the market. We discuss the marketing around it, its relationship with DevSecOps. We tried to shed a light on what is marketing strategy versus implementing DevOps in an organization. We also compared DevOps to SRE (Site Reliability Engineering)
Wednesday May 06, 2020
Wednesday May 06, 2020
In this episode, Mattias, Julien, and Andrey share tips and tricks on how to stay on top of what is going on in the industry, resources they use for continuous learning. Make sure to visit devsecops.fm to check out show notes that contain references to resources mentioned during discussion and more
Wednesday May 06, 2020
Wednesday May 06, 2020
This time Johan Abildskov, a Senior Consultant with Praqma/Eficode, joins us to talk about SemVer (Semantic Versioning), and we finally get to hear what Julien has to say about it. We get to explore different options regarding versioning and how it helps humans communicate. At the end of the podcast, everyone gets to share their approach and recommendations for versioning things.
Tuesday Apr 07, 2020
Tuesday Apr 07, 2020
We had a couple of possible topics for this episode but before getting started with them we decided to discuss what technological problems we were solving during the last two weeks. Well, turns out there was quite a lot to discuss. Tune in for tips on ssh session logging on the ssh server, preventing downloads from AWS S3 even if you got read access, credentials in Git repository 🤦, why you should (or should not) do K8S and more.
Thursday Mar 26, 2020
Thursday Mar 26, 2020
In this episode Mattias is trying to convince that running docker in k8s is more security then VM. Did he success ? listen and find out.
Friday Mar 20, 2020
Friday Mar 20, 2020
Your docker images and build are be coming the base for our platform. But are they secure? In this episode we talk about how you can secure your docker images.
Friday Mar 20, 2020
Friday Mar 20, 2020
Gitops a new concept on devops. Whats is it and how can you use it when deploy and setup your k8s cluster.
Thursday Mar 19, 2020
Thursday Mar 19, 2020
Are infra as code always the best way to go and if not when and where should you use it. Here we are trying to better understand when its god to use and when its not.