DSO Overflow
Glenn Wilson, and Steve Giguere
...more
All episodes
Best episodes
Top 10 DSO Overflow Episodes
Best episodes ranked by Goodpods Users most listened
09/02/22 • 50 min
DSO/Overflow S2EP4
Cloud Security at Large
with
Ashish Rajan and Shilpi Bhattacharjee from the Cloud Security Podcast
https://cloudsecuritypodcast.tv/
https://twitter.com/cloudsecpod?lang=en
https://www.youtube.com/c/CloudSecurityPodcast?sub_confirmation=1
Watch on YouTube: https://youtu.be/HV6iJReLoXE
In the episode, Jessica Cregg sits with Ashish and Shilpi and breaks the 4th wall about their mega successful Cloud Security Podcast, what advocacy means, and the state of Cloud Security at large.
DSO/Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout
https://open.spotify.com/show/0XVk0AKg26yLTCMMwkIA7m
This podcast is brought to you by our sponsors: Prisma Cloud and Sysdig
Your Hosts
Steve Giguere: linkedin.com/in/stevegiguere
Glenn Wilson: linkedin.com/in/glennwilson
Jessica Cregg linkedin.com/in/jessicacregg
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast via our website
For more about DevSecOps London Gathering check out
https://dsolg.com
09/02/22 • 50 min
S2Ep3 - Or Weis on Modern Authorization
DSO Overflow
03/31/22 • 42 min
In this episode, Or Weis talks to us about Full Stack Permission as a Service, why simplifying access control is crucial to creating secure infrastructure and how the use of access control could facilitate a zero-trust architecture.
BIO
Or is the CEO and co-founder of Permit.io, and co-maintainer and author of open source OPAL.ac. Or is a serial entrepreneur who is passionate about developer tools, previously founding Rookout.com, a leading production debugging solution; and managing Upwards Israel’s largest founders’ PLG community. Before becoming a founder, Or worked as a lead engineer in multiple cybersecurity and big data companies, the intelligence corps, as a consultant for the Ministry of Defence, and as VP R&D at Netline CT cyber division.
You can reach Or via LinkedIn linkedin.com/in/orweis
This podcast is brought to you by our sponsors: Prisma Cloud and Sysdig
Your Hosts
Steve Giguere: linkedin.com/in/stevegiguere
Glenn Wilson: linkedin.com/in/glennwilson
Jessica Cregg linkedin.com/in/jessicacregg
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast via our website https://dsolg.com
03/31/22 • 42 min
03/09/22 • 53 min
In this episode, Nathan and Chris talk about VPP, Calico, CNI and Service Mesh architecture. We will learn how VPP can enhance security and performance of your K8s clusters and the benefits of using Calico.
Bios
Chris Tomkins - Chris is lead developer advocate at Tigera, where he champions user needs to support Project Calico’s users and contributor community. He has worked in networking since 2000. After realising that a per-device CLI is not a scalable solution for a large environment, he took an early interest in infrastructure-as-code approaches and large-scale automation and continues to have a special interest in pursuing technologies in these areas.
You can reach Chris on Twitter @tomkinsda and LinkedIn https://www.linkedin.com/in/cdtomkins/
Nathan Skryypczak - Nathan is a software engineering at Cisco focusing on container networking & cloud app performance. After spending some time deploying & scaling web applications he took interest in converting his love for script based infras into cloud native approaches, and now contributes to the building blocks of line rate container networking. He’s a maintainer of the Calico/VPP integration, and of the QUIC stack & the cNAT in VPP.
You can reach Nathan via LinkedIn https://www.linkedin.com/in/sknat
This podcast is brought to you by our sponsors: Prisma Cloud and Dynaminet
Your Hosts
Steve Giguere: https://www.linkedin.com/in/stevegiguere/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast via our website https://dsolg.com
03/09/22 • 53 min
01/31/22 • 40 min
Episode Summary
In this episode, Nigel gives his views on the current state of DevOps adoption, the role of security in DevOps, and gives us some clues from the State of DevOps Report 2021 that will help organisations accelerate their DevOps journey.
Nigel's Bio
Nigel is a Field CTO at Puppet where he is responsible for bringing product knowledge and a senior technical operations perspective to Puppet field teams and customers, working on services strategy and representing the customer back into the product organization. He works with many of Puppet’s largest customers on the cultural and organizational changes necessary for large scale DevOps implementations. He has been deeply involved in Puppet's DevOps initiatives, and regularly speaks around the world about the adoption of DevOps in the enterprise and IT organizational transformation.
Episode Links
State of DevOps Reports: https://puppet.com/resources/?refinementList%5Btype%5D%5B0%5D=Report&page=1&configure%5BhitsPerPage%5D=18
Nigel's LinkedIn: linkedin.com/in/nigelkersten
Nigel's Twitter: @nigelkersten
This podcast is brought to you by our sponsors: Prisma Cloud and Dynaminet
Your Hosts
Steve Giguere: https://www.linkedin.com/in/stevegiguere/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast via our website https://dsolg.com
01/31/22 • 40 min
12/29/21 • 45 min
From containers to Kubernetes to cloud, it can be hard enough to keep up with the technologies let alone how to secure them.
Rory McCune was there at the inception. Starting as a pen tester looking into containers he has become one of the world's foremost Kubernetes security authorities.
In this episode Glenn and Steve talk to him about the early days of containers, the orchestration wars, the first ever Kubernetes CVE and how security chases a technology maturing at breakneck speed.
You can reach Rory on Twitter: https://twitter.com/raesene
Your Hosts
Steve Giguere: https://www.linkedin.com/in/stevegiguere/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast.
- https://dsolg.com
- https://www.meetup.com/DevSecOps-London-Gathering/
- https://twitter.com/DevSecOps_LG
- https://www.youtube.com/c/DevSecOpsLondonGathering
12/29/21 • 45 min
EP:16 Breaking down silos with Stefania Chaplin
DSO Overflow
12/26/21 • 45 min
In this episode, Steve and Glenn are joined by Stefania Chaplin to talk about breaking down silos.
Bio
Stefania Chaplin’s experience within Cybersecurity, DevSecOps and OSS governance means she's helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania is always optimising and improving efficiency wherever she goes by scripting & automating processes and creating integrations. Stefania is passionate about DevSecOps and cybersecurity, having spoken at many conferences including; RSA Conference, ADDO, OWASP, JavaZone, Women of Silicon Roundabout, Women in DevOps, DZone and many more. She is also an active member of OWASP DevSlop, hosting their technical shows.
You can reach Stefania on Twitter, Instagram, and YouTube with the handle @devstefops, or on LinkedIn https://www.linkedin.com/in/stefania-chaplin.
Useful links
Deming's 14 points: https://deming.org/explore/fourteen-points/
Your Hosts
Steve Giguere: https://www.linkedin.com/in/stevegiguere/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast.
- https://dsolg.com
- https://www.meetup.com/DevSecOps-London-Gathering/
- https://twitter.com/DevSecOps_LG
- https://www.youtube.com/c/DevSecOpsLondonGathering
12/26/21 • 45 min
EP15: DevSecOps Personas
DSO Overflow
10/25/21 • 53 min
In this episode, Steve and Glenn speak with Ed Tucker and Gary Robinson about the differences between DevSecOps personas.
DevSecOps Personas – what Developers, Security, and Operations think when it comes to people/tech/processes/culture when it comes to rolling out DevSecOps programs. Each of these teams have different drivers, ambitions, blockers, and challenges when it comes to a successful DevSecOps program. As Dale Carnegie said, ‘The only way to get anyone to do anything, is to make them want to do it’ - all the tech and process in the world isn’t going to make it successful if the people and culture (and heart) are not in it. So let’s share what we’ve seen from 100s of company interactions, understand better where everyone is coming from, and how to approach a DevSecOps program that can move the needle like Marty McFly playing Doc Brown’s guitar. We’ve love this to be interactive, so bring your stories and questions.
Gary Robinson has been working in software and cyber security for 20+ years, as a coder, pen tester, consultant, Security Architect at Citi, Global Board member at OWASP, and heading up Uleska to focus on DevSecOps for the last 5 years. Gary’s focused on the people, process, technology, and culture aspect of DevSecOps – as someone who’s worked in all three spaces during his time – and what drivers, blockers, etc each experience with ‘DevSecOps’, ‘shift-left’, ‘secure by design’, and the rest.
Ed Tucker is an exceptional Cyber Security leader, with extensive knowledge across most sectors, as a defender, vendor, consultant and founder. He was the 2017 European Chief Information Security Officer of the Year, UK Security Professional of the Year, and Security Leader of the Year and has been globally recognised for his vision and delivery.
Your Hosts
Steve Giguere: https://www.linkedin.com/in/stevegiguere/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast.
- https://www.meetup.com/DevSecOps-London-Gathering/
- https://twitter.com/DevSecOps_LG
- https://www.youtube.com/c/DevSecOpsLondonGathering
10/25/21 • 53 min
08/23/21 • 38 min
Title: Threat Modeling - A Manifesto And Some Code
Threat Modeling: Why we think it matters for you, and how you can implement it in your organization.
Modeling: How to model your system in an expressive way.
Eliciting threats: What are some of the major approaches in use and how can it be done closer to the developer and at Agile speed.
Evolution: Automated threat analysis using an open source tool (pytm). We will talk through the making of pytm and then do a demo.
Guest Speakers
Matthew Coles (he/him) is a security professional focused on the security of physical devices and the ecosystems and processes that enable them to operate. He has a MSc in Computer Science from Worcester Polytechnic University (USA), and maintains a CSSLP certification.
https://www.linkedin.com/in/matthew-coles-4330652/
Izar Tarandach (he/him) has peeked and poked at security from various sides over the last couple of decades, currently focusing on modern SDLC's and how AppSec extrapolates onto the larger scheme of Security. He has a MSc in Computer Science/Security from Boston University (USA).
https://www.linkedin.com/in/izartarandach/
Izar and Matt have collaborated on security techniques and training for the past 10 years, co-authoring a book on Threat Modeling, are founding members of the Threat Modeling Manifesto, and created and maintain an open source threat modeling automation system, pytm.
Your Hosts
Michael Man: https://www.linkedin.com/in/mman/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast.
- https://www.meetup.com/DevSecOps-London-Gathering/
- https://twitter.com/DevSecOps_LG
- https://www.youtube.com/c/DevSecOpsLondonGathering
08/23/21 • 38 min
EP13: Top 5 things I wish I knew about SAST
DSO Overflow
08/04/21 • 45 min
Application security testing ... top tips to achieve more SASTisfaction from your tooling.
References
- Youtube Channel: AppSecEngineer
- Youtube Channel: we45
- OSSF Scorecard
Please visit our YouTube Channel to see Florin present in our July 2021 Gathering (monthly meet-up).
Guest Speakers
Florin CoadaI've been working in the Application Security testing space for the last eight years. I was lucky enough to experience many customer environments and different testing technologies (SAST, DAST, IAST, SCA). Over the years, I became more interested in SAST, and I am currently working as a product manager in this space. One of my areas of personal interest is how we enable developers to become more independent and get security teams to trust them more. I'm always up for a talk about security, gaming and a combination of both.
https://www.linkedin.com/in/florincoada/
Abhay Bhargav
Abhay is the CEO of we45, a focused Application Security company. He's a renowned application security expert and a leader in the domain of DevSecOps. Abhay brings with him, a rich experience with working on complex security engagements, from penetration testing to security architecture reviews to compliance consulting.
https://www.linkedin.com/in/abhaybhargav/
Your Hosts
Michael Man: https://www.linkedin.com/in/mman/
Glenn Wilson: https://www.linkedin.com/in/glennwilson/
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast.
- https://www.meetup.com/DevSecOps-London-Gathering/
- https://twitter.com/DevSecOps_LG
- https://www.youtube.com/c/DevSecOpsLondonGathering
08/04/21 • 45 min
S2Ep5 - Security Differently with Mario Platt
DSO Overflow
09/12/22 • 49 min
DSO Overflow S3EP5
Security Differently
with
Mario Platt from LastPass
In this episode Glenn Wilson and Steve Giguere sit down with Mario Platt to discuss how the current paradigm of doing security is not working. Taking lessons from how safety is managed within a physically demanding role, Mario examens why compliance is failing and how we need to build a new model based on resilience.
Resources mentioned in this podcast:
- Mario's presentation given at DSO LG in May 2022
- Rasmussen paper Rasmussen, J. (1997). Risk management in a dynamic society: A modelling problem. Safety Science, 27(2-3), 183-213
- Dekker, S. (2015)”Safety Differently - Human Factors for a new era”, Ashgate Publishing
- Decluttering your security management system
- Rasmussen's Systemic Risk Modelling and Cyber Security
- Why our security policies are a business liability and what to do about it
DSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout.
This podcast is brought to you by our sponsors: Prisma Cloud and Sysdig
Your Hosts
Steve Giguere linkedin.com/in/stevegiguere
Glenn Wilson linkedin.com/in/glennwilson
Jessica Cregg linkedin.com/in/jessicacregg
DevSecOps - London Gathering
Keep in touch with our events associated with this podcast via our website.
For more about DevSecOps - London Gathering check out https://dsolg.com
09/12/22 • 49 min
Show more

Show more
FAQ
How many episodes does DSO Overflow have?
DSO Overflow currently has 34 episodes available.
What topics does DSO Overflow cover?
The podcast is about Security, Devops, Podcasts, Technology and Science.
What is the most popular episode on DSO Overflow?
The episode title 'S2Ep4 - Cloud Security @ Large with Ashish and Shilpi' is the most popular.
What is the average episode length on DSO Overflow?
The average episode length on DSO Overflow is 43 minutes.
How often are episodes of DSO Overflow released?
Episodes of DSO Overflow are typically released every 28 days.
When was the first episode of DSO Overflow?
The first episode of DSO Overflow was released on Nov 24, 2019.
Show more FAQ

Show more FAQ
Comments
0.0
out of 5
No ratings yet