Aaron Palermo on Cybersecurity and SDP - Episode 018

Aaron Palermo on Cybersecurity and SDP - Episode 018

Today’s episode is a bit of a special one your host, Jeffrey Palermo, interviews his own older brother, Aaron Palermo. Aaron is a DevOps engineer, solution architect, and all-around cybersecurity expert. He works for a global cybersecurity services company, is a member of the Cloud Security Alliance, and is a co-author of the up-and-coming Software Defined Perimeter Specification Version 2.

SDP is a full replacement for VPN providing better protection to fully secure your data, devices, and accounts.

This episode is jam-packed with incredibly useful information applicable to software developers but also anybody who has a Wi-Fi network. Stay tuned to hear about how an SDP replaces a VPN, Aaron’s recommendations on how people can fully protect themselves online, which state-of-the-art multi-factor authentication people should be using, how to keep your data safe and protect from Wi-Fi vulnerabilities, and more.

Topics of Discussion:

[:52] About today’s topic and guest.

[1:24] About the Palermo family and Aaron’s background in the industry.

[5:23] Aaron explains what an SDP is.

[7:18] How an SDP affects a person’s setup.

[13:22] Does an SDP complement a VPN or does it replace a VPN?

[13:40] Does an SDP create a network to a data center or can parts of the network exist anywhere?

[14:23] What are the products available now to use an SDP?

[16:00] Some differences between an SDP and a VPN.

[17:00] A message from The Azure DevOps Podcast’s sponsor: Clear Measure.

[17:28] Aaron’s thoughts on whether or not companies not using SDP would be considered malpractice in the future.

[19:26] Why SDP serves a good solution.

[21:05] Would an SDP be an absolute recommendation to people working from home when accessing anything that’s not ‘software as a service?’

[22:49] For smaller organizations, what are Aaron’s SDP recommendations that are easy to get started with?

[24:32] What are some things that people should be doing to protect themselves and their accounts online?

[26:55] On the corporate side, Aaron gives his suggestions on what people should be doing with their ‘software as a service’ accounts.

[28:05] The state-of-the-art multi-factor authentication people should be using.

[29:22] Aaron gives a rundown of YubiKey and how it’s used.

[31:35] The brands Aaron and his customers use (multi-factor authentication-wise.)

[32:05] Aaron speaks about general Wi-Fi vulnerabilities.

[35:08] Aaron explains the premises of his two recent presentations: “Tell My Wi-Fi Love Her,” and “Wi-Fi Trolling.”

[39:27] Aaron’s best recommendations for keeping your data safe.

[41:26] Aaron’s recommendations for backup services.

[43:00] Aaron’s recommendations for backup services on the business or corporate level.

[45:52] Aaron’s take on single sign-on providers and his recommendations to balance ease of development.

[50:30] Aaron and Jeffrey wrap up this week’s episode.

Mentioned in this Episode:

SDP Specification v1.0

Cloud Security Alliance

Azure DevOps

Cyxtera

Zscaler

Duo Security

Clear Measure (Sponsor)

YubiKey

KeePass

LastPass

1Password

BitLocker for Windows

FileVault on Mac

CrashPlan

BackBlaze

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Episoder(372)

Aaron Palermo: Cyber Security and Systems Engineering with AI-Driven Development - Episode 372

Aaron Palermo: Cyber Security and Systems Engineering with AI-Driven Development - Episode 372

Aaron Palermo is a Senior Solutions Architect, DevOps engineer, and all-around cybersecurity expert. He works for a global cybersecurity services company, Appgate. Aaron was last on the show in episode 196, sharing about Zero Trust Networking.   Topics of Discussion: [3:20] Aaron shares his excitement for learning new things and solving innovative challenges, which keep him engaged in the field. [3:30] Aaron explains his current role at Appgate, a zero-trust network access company. [4:25] The importance of direct-routed solutions for federal customers who want to own and manage their infrastructure. [6:27] Aaron recounts how he applied insights from previous ADP guests Scott Hunter, Burke Holland, and Greg Leonardo. [7:56] He explains the process of querying the Appgate API with natural language and the insights gained from the AI agent’s code generation. [8:24] Testing an Integration in the Lab. [11:05] Jeffrey and Aaron discuss the benefits of using open-source tools and the flexibility of Proxmox for network testing. [14:47] VS Code and Copilot Integration, and what’s next. [19:39] Aaron introduces n8n.io as a low or no-code automation platform that integrates with AI agents and APIs for workflow orchestration. [21:15] Integrating simple automation examples, such as weather-based watering systems and data-driven decisions without sensors. [28:09] OpenWRT’s flexibility and customization. [30:01] What are some of the scenarios where a software-defined network might be the right tool? [33:26] Know what you want, and write from a purpose.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Ep 196 with Aaron Palermo n8n AppGate   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

20 Okt 35min

Software Leadership with Jonathan “J.” Tower - Episode 371

Software Leadership with Jonathan “J.” Tower - Episode 371

Jonathan Tower is known to friends and colleagues simply as “J.” J. is a Microsoft MVP, Telerik Developer Expert, and the founder of Trailhead Technology Partners, a global custom software consultancy. With nearly 25 years of experience in the industry, J. has held roles ranging from senior architect to director of development, and now leads a team building high-quality, large-scale applications across a wide range of technologies.   J.’s technical expertise spans C#, .NET, ASP.NET MVC, and modern JavaScript frameworks, along with mobile app development. But what truly sets him apart is his passion for building community. He’s the driving force behind Beer City Code, Michigan’s largest software conference, and serves on the board of SoftwareGR, a nonprofit dedicated to growing the software industry in West Michigan.   He’s also a frequent speaker at conferences and meetups around the world, a LinkedIn Learning course author, and a mentor to many through his work with robotics teams and local tech groups.   Outside of tech, J. is an adventurer at heart. He and his family recently completed a year-long road trip across the U.S., visiting 58 of the 63 national parks. He’s also a fan of photography, hiking, reading, and catching every Best Picture nominee before the Oscars.   Topics of Discussion: [3:30] Fun fact! J. has been to 58 of the 63 national parks, with his current favorite being Glacier National Park. [4:46] J. explains his early interest in creating things and his discovery of software development in middle school. [7:33] J.’s journey into leadership and consulting. [11:04] J. talks about his Blue Blazes podcast and the inspiration behind the name. [14:27] The “shiny object syndrome” and the misuse of microservices architecture. [15:06] Understanding the true needs of a project before implementing complex solutions. [21:20] AI should be viewed as a collaborative tool, not a replacement for team members. [22:51] The insight that J. got at a Ford Factory about how AI can help us shape and create jobs instead of just replacing them. [27:50] J. mentions he recently released courses on Dome Train about migrating legacy applications. [29:05] Choosing the framework that is the most similar model. [31:29] The type of traits that J. would look for in a lead engineer or a team leader.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Jonathan “J.” Tower LinkedIn JTower Website Trailhead Technology Jonathan “J.” Tower MVP Blue Blazes Podcast .NET Foundation Dome Train — Jonathan Tower     Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

13 Okt 35min

Peter Ritchie: .NET Foundation - Episode 370

Peter Ritchie: .NET Foundation - Episode 370

Peter Ritchie is a veteran software architect and consultant with over 35 years of experience in the tech industry. Peter is renowned for his deep expertise in .NET development, distributed systems, and agile methodologies. He’s an accomplished author of several technical books, a former Microsoft MVP, and a sought-after international speaker. Peter is also actively involved in the .NET community and was a candidate for the .NET Foundation Board of Directors, reflecting his commitment to open-source and developer advocacy. Through his consulting work, he helps teams elevate their architecture, code quality, and development practices — especially in areas like ASP.NET, Clean Architecture, and CI/CD pipelines.   Topics of Discussion: [3:45] Overview of .NET Foundation. [5:33] Support for User Groups and .NET 10. [5:48] The upcoming release of .NET 10 and Visual Studio 2026. [6:39] Stability and backward compatibility. [9:10] Challenges and approaches to business logic. [11:24] Repository structure and team organization. [15:27] Testing and continuous integration. [17:12] The role of experienced developers in mentoring and reviewing the work of junior developers. [20:02] Jeffrey mentions a recent blog post of Peter’s and how we can define clear user stories, including roles, actions, criteria, and benefits, to ensure developers understand the requirements. [24:15] The importance of context in AI-driven development and how it applies to working with people. [25:06] How the AI revolution can lead to better understanding and communication within development teams.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Peter Ritchie LinkedIn     Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

6 Okt 28min

Greg Leonardo: Azure and AI - Episode 369

Greg Leonardo: Azure and AI - Episode 369

Greg Leonardo is a Principal Cloud Architect, Certified Azure Solution Architect Expert, and Microsoft Azure MVP with over two decades of experience driving high-impact cloud transformations for global enterprises. Greg’s work sits at the crossroads of architecture, innovation, and mentorship, where he crafts scalable, cost-efficient, and future-ready solutions that align technology with business strategy. He’s a recognized authority in Azure-native architecture, FinOps optimization, and AI integration, known for delivering measurable results—from reducing cloud spend to accelerating DevOps agility through Terraform and infrastructure as code. His leadership extends beyond technical execution, as he actively cultivates cloud talent and fosters a culture of continuous improvement. A former Gulf War veteran, Greg brings discipline, resilience, and strategic foresight to every initiative — whether building global cloud ecosystems or leading high-performance engineering teams. He’s also a passionate advocate for the cloud community, sharing insights daily through technical writing and open mentorship.   Topics of Discussion: [5:46] Greg discusses his approach to AI, emphasizing responsible AI and the importance of understanding its limitations. [8:12] AI’s journey through the Hype Cycle. [11:09] Greg introduces the concept of AI as “virtual employees.” [16:44] Greg talks about how he uses both Microsoft 365 Copilot and ChatGPT Enterprise to compare their capabilities. [18:36] How Greg tests and compares AI tools. [20:21] Comparing AI to previous search and research methods. [23:31] Improving AI results through better prompts. [26:17] The agent framework, sharing, and limitations of AI agents. [36:47] AI’s ability to generate architectural diagrams. [41:49] Exploring autonomous coding agents. [41:45] Why we aren’t quite ready for the “fire and forget” side. [43:08] Struggling with the memory behind chat. [44:02] Closing thoughts — what can we expect in the future, and what are more practical applications of AI?   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Gregory Leonardo LinkedIn Greg Leonardo Website Ep 326 with Greg Leonardo: The Latest in Azure Ep 282 with Greg Leonardo: Optimizing Cloud Budgets   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

29 Sep 48min

John Bristowe: The Latest from Octopus Deploy - Episode 368

John Bristowe: The Latest from Octopus Deploy - Episode 368

John Bristowe brings over 20 years of experience in technology to his role as Community Director at Octopus Deploy. His career includes time at Progress and Microsoft, where he developed his skills in management and technology. Known for a straightforward and engaging style, John often speaks at industry conferences, sharing practical tips and insights. John is a HashiCorp Ambassador and part of the Progress Champions program.   He enjoys creating content such as articles, webinars, and podcasts, aiming to help others in the tech community. In his free time, John likes to stay informed about the latest tech developments and shares his learning with an online audience. His approach is always about sharing knowledge and learning together.   Topics of Discussion: [2:47] John shares his career journey, starting at Microsoft in 2005, and his involvement in developer evangelism. [4:03] The evolution of Octopus Deploy, from an open-source project to a commercial tool. [5:47] The importance of setting up deployment pipelines and the challenges of deploying on weekends due to brittle pipelines. [6:36] Check out the Octopus Deploy roadmap for updates on new features and innovations. [9:04] The potential of AI in the deployment space and the importance of maintaining a balance between AI and human involvement. [10:46] More about Codefresh. [11:23] The integration of AI capabilities in Octopus Deploy, including the AI assistant. [15:17] Designer Experience vs. Text-Based Workflows. [24:43] Common use cases for runbooks, including server maintenance, database management, and cost management in Kubernetes. [26:22] The importance of automated health checks and runbooks for ensuring reliable and cost-effective deployments. [29:58] Platform Hub and Enterprise Scalability.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Octopus Deploy Codefresh   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

22 Sep 32min

Mads Kristensen: Visual Studio 2026 - Episode 367

Mads Kristensen: Visual Studio 2026 - Episode 367

Mads is a Principal Product Manager on the Visual Studio team at Microsoft, where he champions developer productivity, performance, and extensibility. With a deep passion for streamlining the development experience, Mads has created dozens of widely used Visual Studio extensions — including Web Essentials, File Nesting, and Markdown Editor v2 — and maintains the Extensibility Essentials toolkit to empower other developers to build better tools. Mads brings over a decade of experience in web development on the Microsoft platform. He is also the founder of SchemaStore.org and a home automation enthusiast. Known for his engaging presentations and hands-on insights, Mads is a frequent speaker at developer conferences worldwide. He lives in the Pacific Northwest and his mission is simple: to make Visual Studio the most delightful development environment on the planet.   Topics of Discussion: [2:38] More about Mads’ career journey at Microsoft. [5:14] The new and improved Visual Studio. [7:44] Backwards compatibility is a key feature — .NET solutions will still work across different Visual Studio versions. [8:55] How Microsoft’s strategy differentiates between Visual Studio and VS Code. [10:42] Visual Studio is the premier development environment for .NET and C# on Windows, offering the most comprehensive and optimized experience. While VS Code can handle .NET development, it’s not as feature-rich or performant as the full Visual Studio. [12:58] Visual Studio has moved to a monthly release cadence to be more competitive with VS Code’s frequent updates. [13:48] Deep AI integration in Visual Studio allows for context-aware assistance, including a new profiler agent that can help optimize code performance. [23:53] Compilation performance is improved in Visual Studio 2026. [26:35] The new profiler agent can be invoked through Copilot chat, running benchmarks and suggesting performance improvements scientifically. [30:30] Developers can create custom MCP servers to integrate private systems and databases with AI tools using a project template. [35:39] The AI coding agent in Visual Studio can work autonomously or with developer supervision, creating pull requests or working alongside the developer. [39:11] Visual Studio’s Copilot can be used as a companion to bounce ideas off, helping with architectural decisions and new feature explorations.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Mads Kristensen on LinkedIn @mkristensen on X Mads Kristensen JSON Schema Store Visual Studio   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

15 Sep 45min

Richard Hundhausen and Brad Frazer: Who Owns the Code? - Episode 366

Richard Hundhausen and Brad Frazer: Who Owns the Code? - Episode 366

Brad Frazer is a Boise-based attorney and partner at Hawley Troxell, Idaho’s largest law firm, where he leads the Intellectual Property & Internet practice group with a specific focus in IP Strategy, AI, Data Security, and IT. A graduate of BYU, UC Hastings, and the University of Utah, Brad has decades of experience in cybersecurity, internet law, and IP, including roles as Deputy General Counsel at major tech firms. He’s also a published novelist and a recognized expert in emerging technologies like blockchain, NFTs, and Web3.   Richard Hundhausen helps software organizations and teams deliver better products by understanding and leveraging Azure DevOps and Scrum. He is a Professional Scrum Trainer and author of Professional Scrum with Azure DevOps (MS Press). As a software developer and consultant with over 30 years of experience, he understands that software is built and delivered by people and not by processes or tools.   Topics of Discussion: [2:24] Richard and Brad share their enthusiasm for AI, and they discuss the legal implications of using AI-generated code. [4:00] Brad explains that ownership of AI-generated code is academic until legal issues arise, such as lawsuits or investment rounds. [5:29] Richard explains the process of using AI tools to create code, emphasizing the iterative nature of the process. [8:02] The nuances of copyright law, including the need for human authorship to establish ownership. [10:57] How one gets a registered copyright. [14:19] The different things that AI-driven development can mean. [19:44] Risk avoidance practices as a coder. [23:46] Brad advises software developers to be aware of the legal environment and the potential risks of using AI tools. [24:59] What is an AI output, and what is just the computer being helpful? [32:35] Brad shares a real-world example of a $20 million deal where the seller did not own the code, highlighting the potential risks. [38:38] Brad mentions the Anthropic case, where the company was sued for training its LLM on copyrighted material. [41:22] Richard and Brad discuss the importance of raising awareness and providing resources to help developers understand the legal implications of using AI tools.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Brad Frazer LinkedIn Richard Hundhausen LinkedIn Thaler vs. Perlmutter Bartz v. Anthropic Who Owns the Code?   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

8 Sep 45min

Tony Cardella: .NET Testing using NCrunch - Episode 365

Tony Cardella: .NET Testing using NCrunch - Episode 365

Tony Cardella is a seasoned software engineer based in Houston, Texas. With a robust background in enterprise development, Tony brings deep expertise in the .NET Framework (C#), Python, and cloud platforms including Microsoft Azure and Amazon Web Services. His technical repertoire spans both relational databases — such as SQL Server, MySQL, and PostgreSQL — and NoSQL solutions like Azure Cosmos DB.   Tony is a strong advocate for developer productivity tools, frequently leveraging JetBrains products including ReSharper, DataGrip, PyCharm, and Rider, as well as Visual Studio. Outside the world of code, Tony is equally passionate about strength training, whether he’s lifting weights himself or coaching others in the discipline.   Topics of Discussion: [1:34] Tony shares his career journey, starting with a consulting company that reached out to him while he was job hunting. [3:17] NCrunch is an automated testing tool that runs unit tests continuously, focusing on impacted tests. [5:08] Challenges and benefits of NCrunch, and why would we need to use it? [7:44] Tony shares his approach to unit testing, focusing on covering 80% of the code with minimal effort and addressing the remaining 20% as needed. [8:51] The importance of not over-investing in unit tests that may not provide significant value. [11:47] Tony explains how Ncrunch provides code coverage metrics and visual indicators of covered and uncovered code. [12:59] The tool’s ability to show exactly where unit tests are failing, without needing to dive into stack traces. [13:51] Distributed processing and integration tests. [27:44] The challenges of running integration tests with external dependencies, such as databases. [29:18] Exploratory testing and code quality. [32:34] Tony emphasizes the value of unit tests in codifying tribal knowledge and ensuring code quality.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Tony Cardella Lightning Talks! The Code Gorilla Survey: Fixing Bugs Stealing Time from Development NCrunch   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

1 Sep 39min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
forklart
aftenpodden-usa
popradet
stopp-verden
det-store-bildet
fotballpodden-2
dine-penger-pengeradet
nokon-ma-ga
frokostshowet-pa-p5
rss-ness
rss-penger-polser-og-politikk
rss-dannet-uten-piano
aftenbla-bla
unitedno
rss-gukild-johaug
bt-dokumentar-2
rss-borsmorgen-okonominyhetene
e24-podden