BeerSecOps Aqua Security

Cheryl Hung (@oicheryl) has recently been promoted to the CNCF's VP of Ecosystem after growing their end user community into the largest of of any open source foundation or standards body. In this episode she speaks to Steve Giguere (@_SteveGiguere_) about the creation of community, the results of her latest initiative in the space called the CNCF Technology Radar, and of course the upcoming Virtual KubeCon 2020.

Learn more about Cheryl:
https://oicheryl.com
https://twitter.com/oicheryl
https://linkedin.com/in/cheryljhung

The CNCF End User Community:
https://cncf.io/people/end-user-community/
https://cncf.io/blog/2020/06/12/introducing-the-cncf-technology-radar/
https://cncf.io/tech-radar

KubeCon 2020:
https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/

Public cloud misconfigurations have already led to some high profile data breaches. As complexity of cloud native increases, so do the hours dedicated creating and enforcing best practices across IaaS and SaaS providers. Matt Fuller (@matthewdfuller) and Josh Rosenthal got out in front of that curve early founding CloudSploit, a CSPM tool that automates the pain of cloud security posture management. Both founders spent time with Steve Giguere (@_SteveGiguere_) discussing the evolution of CloudSploit and the establishment of CSPM from both a technological and business perspective.

Dean Bryen (@deanbryen) is a developer advocate working for Microsoft with a focus on serverless security. He is very active in the community in London having worked on the London 2012 Olympics, was part of the early serverless at AWS and is now talking to Steve (@_SteveGiguere_) bringing clarity to the definition of serverless itself as well as the new attack surface it brings.

In this episode, Michael @mhausenblas and Steve ( @_SteveGiguere_ of Aqua Security) talk specifically about Software Supply Chain Management. We dive into what that means (or at least should mean) to us, and how, via open source tooling and gitops, we can create a secure cloud native software supply chain.

Liz Rice @lizrice, VP of Open Source Engineering at Aqua makes a second appearance on BeerSecOps with Steve Giguere @_SteveGiguere_of Aqua Security @aquasecteam to discuss her new book from O’Reilly, diving deep into Container Security.

Steve Giguere @_SteveGiguere_ of Aqua Security @aquasecteam met with fellow Canadian and application security thought leader Tanya Janca @SheHacksPurple! 

They talk about how the current global pandemic is affecting us and our industry, her career path into application security, past initiatives like Women in Security (WoSec) and SheHacksPurple, and finally her new passion in creating educational content for developers and tech enthusiasts on security.