Stephen Giguere, a DevSecOps engineer at Aqua Security hosts conversations with cyber security influencers and front line DevOps warriors, to help provide us with a Cloud Native security blanket, for those who are entering the world of DevSecOps.
EP15: Cheryl Hung - The CNCF End User Community and Virtual KubeCon 2020
Cheryl Hung (@oicheryl) has recently been promoted to the CNCF's VP of Ecosystem after growing their end user community into the largest of of any open source foundation or standards body. In this episode she speaks to Steve Giguere (@_SteveGiguere_) about the creation of community, the results of her latest initiative in the space called the CNCF Technology Radar, and of course the upcoming Virtual KubeCon 2020.
Learn more about Cheryl:
The CNCF End User Community:
EP14: The Evolution of CSPM with CloudSploit Founders Matthew Fuller and Josh Rosenthal
Public cloud misconfigurations have already led to some high profile data breaches. As complexity of cloud native increases, so do the hours dedicated creating and enforcing best practices across IaaS and SaaS providers. Matt Fuller (@matthewdfuller) and Josh Rosenthal got out in front of that curve early founding CloudSploit, a CSPM tool that automates the pain of cloud security posture management. Both founders spent time with Steve Giguere (@_SteveGiguere_) discussing the evolution of CloudSploit and the establishment of CSPM from both a technological and business perspective.
EP13: Security for Serverless Functions with Dean Bryen
Dean Bryen (@deanbryen) is a developer advocate working for Microsoft with a focus on serverless security. He is very active in the community in London having worked on the London 2012 Olympics, was part of the early serverless at AWS and is now talking to Steve (@_SteveGiguere_) bringing clarity to the definition of serverless itself as well as the new attack surface it brings.
EP12: Michael Hausenblas on Software Supply Chain Management (via GitOps)
In this episode, Michael @mhausenblas and Steve ( @_SteveGiguere_ of Aqua Security) talk specifically about Software Supply Chain Management. We dive into what that means (or at least should mean) to us, and how, via open source tooling and gitops, we can create a secure cloud native software supply chain.
EP11: Liz Rice - The Container Security Book
Liz Rice @lizrice, VP of Open Source Engineering at Aqua makes a second appearance on BeerSecOps with Steve Giguere @_SteveGiguere_of Aqua Security @aquasecteam to discuss her new book from O’Reilly, diving deep into Container Security.
EP10: Tanya Janca – AppSec Education
Steve Giguere @_SteveGiguere_ of Aqua Security @aquasecteam met with fellow Canadian and application security thought leader Tanya Janca @SheHacksPurple!
They talk about how the current global pandemic is affecting us and our industry, her career path into application security, past initiatives like Women in Security (WoSec) and SheHacksPurple, and finally her new passion in creating educational content for developers and tech enthusiasts on security.