A DEV FRIENDLY CLOUD NATIVE SECURITY PIPELINE!
Cloud Security Podcast11 Maj 2023

A DEV FRIENDLY CLOUD NATIVE SECURITY PIPELINE!

Cloud Security Podcast - we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fiveth episode in this series Eve Ben Ezra from The New York Times. GitOps, OPA Conftest, ArgoCD are some of the components to add security to a Cloud Native Security Pipeline! - Eve Ben Ezra from The New York Times shared how we can use these tools to create a Dev Friendly Security Pipeline.


Episode ShowNotes, Links and Transcript on Cloud Security Podcast: ⁠⁠⁠⁠⁠⁠⁠www.cloudsecuritypodcast.tv⁠⁠⁠⁠⁠⁠⁠


FREE CLOUD BOOTCAMPs on ⁠⁠⁠⁠⁠⁠⁠www.cloudsecuritybootcamp.com⁠⁠⁠⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Eve Ben Ezra (Eve Ben Ezra's Linkedin)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠⁠⁠⁠


If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

(00:00) Introduction

(03:10) A bit about Eve

(04:05) Eve's 2nd Kubecon

(04:43) About Eve's talk at Kubecon

(05:29) What is GitOps?

(06:28) What is Argo CD?

(07:19) What is OPA?

(07:34) Why NYTimes has a development platform?

(09:14) Challenges with implementing a shared infrastructure

(11:17) Feedback is one of the challenges

(12:19) Using OPA gatekeeper

(13:30) When should developers get feedback in GitOps operational framework?

(14:52) What does local feedback to developers look like?

(15:54) What is Conftest?

(16:24) How do people get started with OPA?

(18:32) Making security more accessible for developers

(23:02) Managed or self hosted Kubernetes deployment

(24:09) How to get started with this?

(25:08) Starting with OPA vs Starting with CICD

(25:35) Where can you start learning about Kubernetes?

(28:10) The difference between CI and CD


See you at the next episode!

Avsnitt(345)

Your SecOps Team Can't Save Your Cloud: A New Blueprint for Security.

Your SecOps Team Can't Save Your Cloud: A New Blueprint for Security.

The conversation around cloud security is maturing beyond simple threat detection. As the industry grapples with alert fatigue, we explore the necessary shift from a reactive to a proactive security p...

27 Aug 202547min

New Identity Blueprint for a Future with Cloud & AI

New Identity Blueprint for a Future with Cloud & AI

Identity is the root cause of over 70% of all security incidents, yet many organizations still rely on fundamentally flawed authentication methods. In this episode, Jasson Casey, CEO and co-founder of...

22 Aug 202549min

AI for SOC Automation: A Blueprint for the New world of Incident Response

AI for SOC Automation: A Blueprint for the New world of Incident Response

The nature of Security Operations is changing. As cloud environments grow in complexity and data volumes explode, traditional approaches to detection and response are proving insufficient. This episod...

8 Aug 202552min

The Truth About Agentic AI in the SOC: Reality vs. Hype

The Truth About Agentic AI in the SOC: Reality vs. Hype

What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real...

7 Aug 202552min

Understanding a $10B Fraud Vector in Cloud-Native Workflows

Understanding a $10B Fraud Vector in Cloud-Native Workflows

A $10 billion fraud vector is currently exploiting a common feature in many cloud-native applications: the SMS verification flow. This isn't a traditional breach. Instead of stealing data, adversaries...

22 Juli 202544min

How BT Tackled 180 Years of Legacy to Build a Passwordless Future

How BT Tackled 180 Years of Legacy to Build a Passwordless Future

How do you modernize security in a 180-year-old company that operates critical national infrastructure? What does it look like when you discover tens or even hundreds of thousands of credentials hidde...

17 Juli 202519min

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI

Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for s...

15 Juli 202545min

Guide to Hybrid Cloud & Bare Metal Secret Management

Guide to Hybrid Cloud & Bare Metal Secret Management

Is your organization struggling with secret management across bare metal, hybrid, and multi-cloud environments? Standard cloud-native tools often fall short when you need a single, standardized soluti...

9 Juli 202532min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
rss-elektrikerpodden
bilar-med-sladd
skogsforum-podcast
rss-uppgang-och-fall
rss-technokratin
market-makers
natets-morka-sida
rss-veckans-ai
rss-laddstationen-med-elbilen-i-sverige
bli-saker-podden
rss-powerboat-sverige-podcast
developers-mer-an-bara-kod
rss-en-ai-till-kaffet
har-vi-akt-till-mars-an
rss-fabriken-2
rss-snacka-om-ai
hej-bruksbil
effekten-digitalisering-kunskap