Cloud security, DevOps, Vulnerability management

100 Years – ASW #100

March 16, 2020

This week, we welcome Clint Gibler, Research Director at NCC Group, to discuss DevSecOps and Scaling Security! In the Application Security News, Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open-source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1)!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. DevSecOps / Scaling Security – Clint Gibler – ASW #100

Due to a combination of a) development teams embracing Agile and DevOps and b) that security teams are often outnumbered by developers 100:1 or more in many companies, there's been a fundamental shift in how security teams need to operate. I've spent a significant amount of time studying how security teams at companies, large and small, have attempted to adapt to this new reality. There are a number of interesting trends in how work is prioritized, continuous code scanning (static and dynamic), scaling threat modeling and detection & response, investing in secure defaults, asset inventory, self-healing cloud environments, and more.

Hosts

Mike Shema

Security Partner at Square

John Kinsella

Co-founder & CTO at Cysense

2. Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot – ASW #100

Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1).

Hosts

Mike Shema

Security Partner at Square

John Kinsella

Co-founder & CTO at Cysense

Compliance

Eliminate Attack Surface from Inside Out – Shamim Naqvi – ESW #310

March 23, 2023

SafeLiShare delivers tamperproof security from inside out across clouds and eliminate algorithmic complexity attacks and reverse never-ending cycles of defense using policy controlled Confidential Computing with secure enclave technology. Segment Resources: Presentation https://1drv.ms/p/s!AqqNWej5CK8uhEoIZW5MUxMTQLJU Blog https://safelishare.c...

Cloud security

A Light Week, InfoSec Tabletop Gaming, White House CyberSec, & AI Galore! – ESW #308

March 9, 2023

In the enterprise security news, A light week in funding, after last week’s mega raises from Wiz and Sandbox AQ HP acquires some Zero Trust and CASB with Axis Security InfoSec-themed Table Top gaming is really catching on The White House’s updated cybersecurity strategy is more of an update than a game changer I go a bit nuts with AI news and essay...

Managed services

Building a Managed Services Business Strategy Around XDR – Chris Bell – CFH #11

March 7, 2023

For managed services providers looking to build their market strategy around XDR and MDR -- or a hybrid of the two solutions -- it's important to understand how this approach will shape future priorities for their tech stacks and toolsets, their clients and their vendor partners. What kinds of next-generation services can they build from an XDR/MDR...

100 Years – ASW #100

Full Audio

Segments

1. DevSecOps / Scaling Security – Clint Gibler – ASW #100

Hosts

2. Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot – ASW #100

Hosts

Related

Eliminate Attack Surface from Inside Out – Shamim Naqvi – ESW #310

A Light Week, InfoSec Tabletop Gaming, White House CyberSec, & AI Galore! – ESW #308

Building a Managed Services Business Strategy Around XDR – Chris Bell – CFH #11