DSO Overflow

Glenn Wilson, and Steve Giguere
  • ٠٫٠ (٠)
  • التكنولوجيا
  • يتم التحديث كل شهرين

In this podcast, we speak with professionals working in cyber security, software engineering and operations to talks about a number of DevSecOps topics. We discuss how organisations factor security into their product delivery cycles without compromising the value of doing DevOps and Agile.

  1. ٥ يناير

    S5Ep6 - Agentic AI in the Wild: Risks, Reality and a Framework for Survival with Max Corbridge

    DSO Overflow S5EP6 Agentic AI in the Wild: Risks, Reality and a Framework for Survival with Max Corbridge In this episode of DSO Overflow, hosts Glenn Wilson and Steve Giguere are joined by ethical hacker and AI security specialist Max Corbridge to explore the rise of agentic AI. Max explains how agentic systems differ from generative AI, the new security risks created by autonomous actions, and why traditional controls fall short. The discussion covers real-world adoption, emerging attack surfaces, and Max’s DAMSIC framework for securing agentic AI in production. Max is an Independent Principal Cyber Security Consultant with many years experience delivering penetration testing and red teaming in fast-paced London consultancies. He has a special interest in AI, and AI security.  Resources mentioned in this podcast: Max's LinkedIn profileMax's Substack blogSecure Agentics (Max's company LinkedIn page)DSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٥١ من الدقائق

  2. ١٤‏/١١‏/٢٠٢٥

    S5Ep5 - How to save $20,000 per year with Vimal Paliwal

    DSO Overflow S5EP5 Saving $20,000 a year by self-hosting a map server with Vimal Paliwal In this episode, Vimal Paliwal talks about how he led a migration project that saved his organisation $20,000 annually. He talks about how he overcame challenges he faced resulting from compute and storage demands. Vimal discusses how he ensured cost-efficiency and security by implementing a fully serverless architecture using AWS CloudFront, Lambda authorisers, and WAF, integrating robust domain whitelisting and access control. We finish this conversation by reflecting on lessons learned from this project. Vimal is a part of the AWS Community Builders program, where he actively contributes to knowledge-sharing efforts across the cloud ecosystem by writing on real-world implementations and best practices. In addition, Vim has spent several years as an AWS Authorized Instructor, during which he trained over 1,000 professionals. Resources mentioned in this podcast: Vimal's LinkedIn profileVimal's blog post about this projectVimal's GitHub repoDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٣١ من الدقائق

  3. ١٤‏/١٠‏/٢٠٢٥

    S5Ep4 - Threat modelling and AI with Petra Vukmirovic

    DSO Overflow S5EP4 Threat modelling and AI with Petra Vukmirovic In this episode Petra Vukmirovic, head of information security and technology at Numan, shares her experience of threat modelling within an AI landscape drawing from her background in medicine to highlight similarities between differential diagnosis and threat modelling. She discusses the opportunities and the risks of integrating AI into security workflows as well as exploring evolving methodologies and updated frameworks to address modern threats. Petra is also an OWASP Project Leader for the OWASP Threat Model Library, a public speaker, and leader in cybersecurity. Resources mentioned in this podcast: Petra's LinkedIn profileNuman's websiteOWASP Threat Model LibraryDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. Thanks to Janet Mesh and Jessica Martinez from Aimtal for editing this episode of the DSO Overflow podcast Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٣٩ من الدقائق

  4. ٠٩‏/٠٩‏/٢٠٢٥

    S5Ep3 - AI and Auto-remediation with Jonathan Schneider

    DSO Overflow S5EP3 AI and auto-remediation with Jonathan Schneider In this episode Jonathan Schneider discusses his path from Netflix to founding Moderne, focusing on large-scale software modernisation. The conversation covers the promise and pitfalls of AI and auto-remediation. Jonathan advocates for empowering developers with self-service, pull-based tooling rather than top-down changes and emphasises collaboration between security and engineering to reduce technical toil so developers can focus on innovation. Resources mentioned in this podcast: Jonathan's LinkedIn profileModerne's websiteOpenRewrite by ModerneDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. Thanks to Janet Mesh and Jessica Martinez from Aimtal for editing this episode of the DSO Overflow podcast Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٤٣ من الدقائق

  5. ١٣‏/٠٨‏/٢٠٢٥

    S5Ep2 - Vulnerability Management, Supply Chain threats and AI with Mackenzie Jackson

    DSO Overflow S5EP2 Vulnerability Management, Supply Chain threats and AI with Mackenzie Jackson In this episode of DSO Overflow, Mackenzie Jackson discusses his transition from GitGuardian to Aikido Security, where he focuses on Application Security Posture Management (ASPM). He explains ASPM as an integrated platform that consolidates security tools. The conversation explores Aikido Security's use of open-source tools and AI to minimise false positives and streamline vulnerability management. The discussion also covers challenges with open-source vulnerability disclosure processes. Resources mentioned in this podcast: Mackenzie's LinkedIn profileAikido Security websiteWhite Rabbit NeoWired's article on the XZ backdoor incidentCISA's article on tj_actions compromiseMackenzie's The Security Repo PodcastDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٤٧ من الدقائق

  6. ٣١‏/٠١‏/٢٠٢٥

    S5Ep1 - Securing the Software Supply Chain with Francois Proulx

    DSO Overflow S5EP1 Security the Software Supply Chain with Francois Proulx In this episode, featuring Francois Proulx, a senior product security engineer, we discuss software supply chain security, particularly the security of build pipelines and dependencies. Francois shares insights on defining supply chains, identifying vulnerabilities, threat modeling, and strategies to improve security. The conversation explores topics like the SALSA framework, risk factors in CI/CD pipelines, and reducing complexity in dependencies. The discussion emphasizes threat awareness, holistic approaches, and the importance of isolating critical processes in software development. Practical tools and insights on research and AI’s role in security were also touched upon. Resources mentioned in this podcast: Francois' LinkedIn profileBoost blog siteBoost on GitHubSLSA websiteDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. This podcast is brought to you by our sponsors:  Prisma Cloud, Tigera and Apiiro Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٤٨ من الدقائق

  7. ٠٦‏/١٢‏/٢٠٢٤

    S4Ep10 - Threat modelling with Ashley Ward

    DSO Overflow S4EP10 Threat Modelling with Ashley Ward In this month's episode, Steve and Glenn chatted with Ashley Ward to discuss topics around threat modelling. Ashley is a highly experienced CTO at ControlPlan with expertise in cloud-native architectures and cybersecurity, known for leading transformative initiatives across startups and large enterprises, including as Group CTO for a €4.5 billion company. He excels in scaling organisations through agile, FinOps, and DevSecOps, while inspiring teams and engaging with stakeholders at all levels. As a Justice of the Peace since 2017, Ashley brings additional strengths in decision-making, public speaking, and community-focused leadership. In this episode of DSO Overflow, Ashley Ward, CTO at Control Plane, discusses threat modelling in cloud-native environments, security challenges, and the impact of emerging technologies like AI. Ward explains that threat modeling should start with existing knowledge and highlights the benefits of collaborative, iterative approaches. He emphasises involving various teams in the process to account for application, platform, and infrastructure layers. Ward also discusses practical frameworks, such as the CIA triad and STRIDE, and points out the specific challenges in cloud-native threat modelling, like microservices and fast-paced release cycles. Regarding AI, he cautions about the heightened risks, as AI democratises hacking capabilities. Ward advocates for using AI thoughtfully in threat modelling and encourages companies to adopt proactive security strategies. He concludes by encouraging organisations to embrace threat modelling as an evolving, essential practice. Resources mentioned in this podcast: Ashley Ward's LinkedIn profileControlPlane websiteDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. This podcast is brought to you by our sponsors:  Prisma Cloud, Tigera and Apiiro Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٤٧ من الدقائق

  8. ١٩‏/١١‏/٢٠٢٤

    S4Ep9 - Open Source Integrity with Luke Hinds

    DSO Overflow S4EP9 Open Source Integrity with Luke Hinds In this month's episode, Jessica and Glenn chatted with Luke Hinds to discuss topics around Open Source integrity and provenance. Luke is a co-founder and the CTO at Stacklok who loves building open source software and communities, as well as leading talented engineering teams to develop innovative cutting edge security technologies at scale. In this episode, Luke talks about the challenges of ensuring open source software integrity and provenance using cryptographic technologies and automated signing of software within the CICD pipeline using a non-profit software cryptographic signing service. He talks about managing developer expectations and how security should enable software development. We briefly discuss the dangers of putting too much trust into AI and the data that supports GenAI models. Resources mentioned in this podcast: Luke Hind's LinkedIn profileStacklok on LinkedInStacklok's websitesigstore on LinkedInsigstore websiteslsa websiteMinder websiteMinder on GitHubDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout. This podcast is brought to you by our sponsors:  Prisma Cloud, Tigera and Apiiro Your Hosts Steve Giguere linkedin.com/in/stevegiguere Glenn Wilson linkedin.com/in/glennwilson Jessica Cregg linkedin.com/in/jessicacregg

    ٤١ من الدقائق
مشاهدة الكل (٥٠)

حول

In this podcast, we speak with professionals working in cyber security, software engineering and operations to talks about a number of DevSecOps topics. We discuss how organisations factor security into their product delivery cycles without compromising the value of doing DevOps and Agile.

المعلومات

  • صناع العمل
    Glenn Wilson, and Steve Giguere
  • سنوات النشاط
    ٢٠١٩ - ٢٠٢٦
  • الحلقات
    ٥٠
  • التقييم
    فاضح
  • حقوق النشر
    © 2026 DSO Overflow
  • موقع البرنامج على الويب
    DSO Overflow