))
DevSecOps de um jeito prático e descontraído. Profissionais debatendo as mais variadas formas de tornar um software mais seguro.
T
The DevSecOps Talks Podcast
1
The DevSecOps Talks Podcast
Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show n ...
D
DevSecOps Podcast
1
#16 - SDL PT2 - Define security requirements
46:54
46:54
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
46:54
No segundo episódio da série SDL, você acompanha sobre requisitos de segurança. O quê? Como? Onde? Quando? E principalmente, para quem? Vamos mergulhar no tema para te ajudar a desenvolver software seguro, da maneira certa.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #41 - Great communication FTW
40:07
40:07
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
40:07
Communication in co-located teams is quite often complicated. It is even more complex and, at the same time, important in distributed teams. Have you ever got an issue report that says this thing is failing? No logs, no explanation of context, no nothing. Pretty sure we've all been in such situations. How do you step up your communication game? Thi…
D
DevSecOps Podcast
1
#15 - SDL PT1 - Provide training
47:13
47:13
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
47:13
No primeiro episódio da série SDL, você acompanha sobre treinamentos. O quê? Como? Onde? Quando? E principalmente, para quem? Vamos mergulhar no tema para te ajudar a desenvolver software seguro, da maneira certa.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#14 - 9 skills que você precisa para trabalhar com cyber security
54:00
54:00
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
54:00
No episódio carregado de experiência, compilamos para você skills que são necessárias para desenvolver sua carreira na área de segurança, vem com a gente. E detalhe, TODAS as skills são necessárias, não é para escolher só uma não.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#13 - 9 ideias para melhorar a segurança
44:28
44:28
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
44:28
Neste episódio repleto de numerologia, trouxemos 9 dicas experts para você melhorar a segurança hoje mesmo. Cada um compilou dicas sensacionais exclusivas para você.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#12 - Como é a segurança na Europa?
51:17
51:17
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
51:17
No episódio em que invocaram o tinhoso, o Cássio fala um pouco sobre as primeiras impressões de como é a Cyber Segurança na Europa, com algumas curiosidades.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#11 - O mundo seguro na nossa visão
49:22
49:22
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
49:22
Imaginamos um mundo com dinheiro infinito e todo o poder nas nossas mãos, o que faríamos para estarmos seguros?โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #40 - Web3 and its implications for DevSecOps practitioners
43:33
43:33
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
43:33
web3 has gotten a lot of attention lately; thus, it is time for us to separate facts from the hype.In this episode, we are trying to understand its implications for us as DevSecOps practitioners. Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…
D
DevSecOps Podcast
1
#10 - Governando a segurança
49:02
49:02
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
49:02
Você nasceu para governar, diriam os coaches hoje em dia. Mas quando se trata de Segurança da Informação meu amigo, só com um convidado "monstro" desses para nos dar uma aula.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#09 - Nossa visão sobre segurança, no passado
51:01
51:01
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
51:01
É com os erros do passado que melhoramos nosso futuro, ou descobrimos uma conspiração do universo para não fazer segurança.โดย Cássio Batista Pereira
Um mito? Uma lenda? Um traço no papel? Vamos falar do RISCO.... e com um convidado que é simplesmente O PAI do AppSec no Brasil, e disse: Vulnerabilidade nunca vem sozinha, sempre vem em bando!โดย Cássio Batista Pereira
Com uma convidada super bacana, abordamos um tema muito importante no mundo do software, aplicações móveis. Afinal, você não pode confiar nas APIs, nos SOs etc você precisa proteger os seus apps também.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#06 - How an enterprise solution can help you be secure
46:48
46:48
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
46:48
In our first episode in English, we talked with a Solutions Architect from one of the biggest security companies in the world, Veracode. We discussed about how an enterprise tool can help developers to build secure software.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #39 - Setting up tools and environments
27:41
27:41
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
27:41
Andrey feels frustrated that he has to develop a way to configure environments for every customer. Think for yourself - you arrive at a new project or company. It is day one, and you need to get the right tools as well as the correct environment configuration. During this episode, we are trying to figure out how companies solve it. And is there a s…
D
DevSecOps Podcast
1
#05 - Code review e outras coisinhas
52:37
52:37
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
52:37
Num papo muito bacana, destacamos alguns pontos de Segurança de Software com um convidado sensacional. Destacamos alguns pontos importantes além de abordar CI, Code Review e o mundo acadêmico.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#04 - Testes dinâmicos, são eficazes?
45:32
45:32
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
45:32
Sabe aquele famoso Web Scanner que você adora? Pois é, talvez ele não teste TUDO o que você precisa. Mas nem por isso você deve se livrar dele, confere com a gente a visão sobre testes dinâmicos de segurança.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #38 - Platform teams with Henrik
1:02:15
1:02:15
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:02:15
Henrik Hoegh is back to talk about his experiences working in the platform team at his new job, but before that, we are getting through the following topics:- bash is the future of automation (not really, but some people think so)- building multi-cloud solutions using k8s and service mesh solutions- Shuttle - CLI for handling shared build and deplo…
D
DevSecOps Podcast
1
#03 - KPIs em AppSec, que bruxaria é essa?
45:33
45:33
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
45:33
É jovens, sem INDICADORES você não escala, não evolui, não cresce sua implementação, seja em qualquer área, em AppSec vamos entender que indicadores são esses.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#02 - O arsenal que você precisa
51:22
51:22
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
51:22
Armas e mais armas... para lutar uma guerra se faz necessário muitas armas. Neste episódio falamos sobre um verdadeiro arsenal de ferramentas para você implementar AppSec sem gastar um centavo. E também ferramentas enterprise para quem quer investir de verdade em AppSec.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #37 - Surviving AWS outage (revised for 2021)
33:47
33:47
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
33:47
us-east-1 will never go down, and if it would, half of the internet would go down. It is what people used to say. So, us-east-1 went down big time. What does it mean for us as practitioners? What should we consider going forward? In this episode, we talk through the incident and disaster recovery strategies you can consider to keep your company up …
D
DevSecOps Podcast
1
#01 - Como fazer AppSec de forma fácil
48:05
48:05
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
48:05
A volta dos que não foram! A terceira temporada começa quente, ensinando fazer AppSec de uma forma fácil, dividir para conquistar, feito é melhor que perfeito. E vem muito mais por ai.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #36 - Sturdy. Is it time for a new version control tool?
43:17
43:17
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
43:17
We have had Git around for more than 15 years, and during that time, it has become a standard de-facto to share code and track code changes. While Git is a superior version control system to most of what we have seen before, it has been 15 years since the first release. Should we be looking for new ways to approach version control systems? Is the t…
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #35 - Infrastructure as code (IAC) revisited 2021
38:49
38:49
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
38:49
Our first episode was about Infrastructure as code, and we feel that it is time to revisit the topic after almost two years. Another reason is the release of the second edition of Infrastructure as Code book by Keif Morris. Thus, in this episode, we revisit the definition of Infrastructure as code and try to summarize what has changed over the year…
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #34 - Google Next and HashiConf recap
36:23
36:23
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
36:23
Julien gives his impressions of Google Cloud Next 2021, and Andrey recaps HashiConf Global 2021 as well as gives his take with the twist on why do we might need HashiCorp Waypoint Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #33 - Do I need a service mesh?
28:21
28:21
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
28:21
Everyone seems to be talking about service mesh. Mattias, Julien, and Andrey are trying to separate hype and real value. Most importantly, they dig into when is the good time for the organization is to embrace service mesh and what are the prerequisites Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questi…
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #32 - Getting hired as an infrastructure automation person
25:36
25:36
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
25:36
As a follow-up to the [last episode about hiring an infrastructure automation person](https://devsecops.fm/episodes/31-hiring/) we decided to reverse the view and talk about how do you get hired as an infrastructure automation person. This episode is full of career advice for people who are just only from university as well as people who already ha…
D
DevSecOps Podcast
1
#36 - Final de temporada retrospectiva
47:16
47:16
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
47:16
É com grande pesar que anunciamos... teremos a terceira temporada sim em 2022! E neste último episódio da 2ª temporada a gente só fez a retro para relembrar como foi a temporada mais recheada de convidados, obrigado!โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#35 - Como é vender segurança no Brasil?
1:03:16
1:03:16
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:03:16
Com um convidado cheio de poderes, falamos sobre os desafios de vender segurança no Brasil.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#34 - Problemas e como poderiam ter sido evitados
1:19:20
1:19:20
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:19:20
Com alguns casos de incidentes comentados, tentamos identificar os possíveis controles para evitar tais problemas.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #31 - Hiring an infrastructure automation person
32:47
32:47
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
32:47
Have you ever conducted an interview to hire an infrastructure automation person? What would you ask? How do you check their skills? And what skills are essential? Tune in for our tips on hiring and finding the right person for your team! Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we wil…
D
DevSecOps Podcast
1
#33 - Software seguro e o mundo jurídico
1:12:09
1:12:09
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:12:09
Você acha que é só fazer código e "tá tudo certo?" Pois é, não é só isso... existe toda uma preocupação jurídica que muitas vezes desconhecemos.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#32 - Cuidado a auditoria vai te pegar
1:10:46
1:10:46
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:10:46
Muitas empresas têm medo de auditoria, mas por quê? será que é algo tão ruim assim ou deveriam apenas se preparar para o próprio bem?โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#31 - Segurança em containers é necessário?
1:05:10
1:05:10
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:05:10
Com nossa primeira convidada internacional, falamos sobre a importância da segurança em containers num nível técnico muito bom.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#30 - Como é o dia a dia em cyber?
1:05:29
1:05:29
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:05:29
Com um convidado que inspirou o Cássio na jornada de segurança, vamos entender como é o dia a dia no mundo cyber, ainda mais numa empresa com 500 mil funcionários.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#29 - Security Hygiene, mais segurança para você
1:08:53
1:08:53
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:08:53
Com um convidado monstro, falamos sobre Security Hygiene e os conceitos básicos de como essa prática pode salvar sua "vida", e de graça!โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#28 - Colocando o Sec no DevOps
1:05:20
1:05:20
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:05:20
Num episódio cheio de conversa de bar, conversamos sobre as dificuldades de se colocar sec no devops e como isso tem impacto nas empresas, cultura, ferramentas, tempo de esteira, tudo isso e muito maisโดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#27 - Cyber Security, do zero a prevenção
1:09:17
1:09:17
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
1:09:17
Num episódio marcado pela volta do Rodrigo e piadas merda do marcos... um convidado monstro, salvou o episódio. vamos entender como é estruturar uma área de segurança do zero.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#26 - Como é largar o osso técnico
57:46
57:46
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
57:46
Vamos entender como é a vida de quem teve / tem que largar as atividades técnicas que tanto adora para desempenhar outros papéis.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #30 - Logs, metrics and traces
32:03
32:03
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
32:03
Logs, metrics, and traces are the three pillars of observability. Where should you start? What are the common mistakes to avoid? And if you are to pick one - which one should you do? Connect with us on LinkedIn or Twitter https://devsecops.fm/about/ and tell us about your questions, and we will answer them in the show.…
D
DevSecOps Podcast
1
#25 - É seguro trabalhar com segurança?
58:47
58:47
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
58:47
Será que trabalhar com segurança, é seguro de fato? O que isso implica em nossas carreiras e até mesmo nos clientes e na sociedade?โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#24 - Por que fazer certo da tanto trabalho?
58:54
58:54
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
58:54
Você acha que as coisas "são como são" a toa? Ou acredita que exista algo "obscuro" por traz de tudo, que faz com que muita coisa seja errada?โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#23 - DAST, pentest automático?
52:48
52:48
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
52:48
Já ouviu falar que DAST é um pentest automático? Ou até mesmo que, DAST é uma ferramenta de pentest? Pois é rapaz, talvez você esteja enganado... vem conferir nesse episódio em que quase fui hackeado!!!โดย Cássio Batista Pereira
Depois de problemas técnicos com o episódio programado, fiquem com este episódio surpresa interessante, onde tem uma bagagem incrível pra vocês.โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#21 - A arte de proteger o software, antes dele nascer
51:17
51:17
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
51:17
Que bruxaria é essa, que protege o software antes do desenvolvimento de fato? Vamos entender mais sobre Threat Modeling no episódio de hoje, e proteger ainda mais nossos softwares.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #29 -Unikernels are here
47:35
47:35
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
47:35
This time we are talking unikernles! Ian Eyberg from NanoVMs joins us to discuss how far this technology is from prime time. And it turns out that you don't have to be a kernel developer to take advantage of unikernes. Today, there are tools available to package, distribute, and run them locally as well as in the public cloud. While talking to Ian,…
D
DevSecOps Podcast
1
#20 - Por que desenvolvimento seguro?
54:46
54:46
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
54:46
Todo mundo fala "desenvolva seguro", "DevSecOps", "SDLC", bla bla bla... mas afinal, por que temos que nos preocupar em criar softwares seguros de fato? Vem que a gente te explica!โดย Cássio Batista Pereira
D
DevSecOps Podcast
1
#19 - O papel da arquitetura na segurança de software
59:58
59:58
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
59:58
Será que o time de arquitetura tem responsabilidade em segurança? Será que o arquiteto deve "dar pitaco" na segurança? Se liga nesse papo legal com o nosso convidado de hoje.โดย Cássio Batista Pereira
Com uma aula do nosso convidado DeusBA, dessa vez para falar sobre segurança em banco de dados que afinal, é onde ficam todas as informações que os cyber criminosos querem.โดย Cássio Batista Pereira
T
The DevSecOps Talks Podcast
1
DEVSECOPS Talks #28 - Scaling Security
36:46
36:46
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
36:46
The real cloud lock-in is security! Every service/cloud provider has its own levels of granularity regarding resources. Cloud engineering is mainly about compute, storage, and networking and how to make them scale. Scaling security is often left out as it is hard to measure on so many levels. We think that it is a myth and that we can measure how m…
D
DevSecOps Podcast
1
#17 - O papel da cultura na adoção de DevSecOps
58:24
58:24
เล่นในภายหลัง
เล่นในภายหลัง
ลิสต์
ถูกใจ
ที่ถูกใจแล้ว
58:24
Neste bate papo massa com nossa convidada, falamos sobre como a cultura é peça fundamental na adoção do DevSecOps pelas empresas, mas principalmente as pessoas.โดย Cássio Batista Pereira
