In this episode of the “DevSec for Scale” podcast, host Jeremy Hess welcomes Rotem Raphael, Director of Engineering at ARMO, a Kubernetes security company based in Tel Aviv. Rotem discusses the findings from ARMO’s research on scanning public Kubernetes clusters for misconfigurations and highlights common issues and their implications. The research revealed that 100% of […]
Are development environments important enough for us to even care about securing? The answer is a resounding yes. In this episode, Guy Flechter, CEO & Co-Founder of Cider Security goes in-depth into why security is not just a requirement for production, but also development environments. And development environment security also has an impact on the […]
Is there a simple way to detect and manage ransomware attacks? In this episode, Greg Edwards, CEO of CryptoStopper introduces us to the evolution and basics of ransomware as well as how to get better at detecting sophisticated attacks, such as file-less ransomware, before they can damage your system. He also gives us insights into […]
Why is there still friction between Dev and Sec? How can we bridge that gap better? In this episode, Duane Gran, Corporate Director of Information Security at Converge Technology Solutions dives into how he has seen developers and security butt heads and about his personal journey from dev to sec. Duane offers great advice on […]
Why do security teams and developers clash, and how can we ensure there is better collaboration between them? In this episode, Ravid Circus, Co-Founder & CPO at Seemplicity talks about his experience with security teams and how their requests are handled by the development teams. He also gets into how security teams should track progress […]
How has threat modeling evolved and how can security help make it easier for developers to implement that practically into their code?In this episode, Maran Gunasekaran, Principal Security Consultant at Practical DevSecOps gives us a rundown of what threat modeling used to mean and how developers can translate threat models into actual threat modeling as […]
What’s it like to go from a DevOps engineer in large organizations with expert security engineers, to a small startup that requires you to be the security engineer? In this episode, Gil Zellner, Infrastructure Lead at HourOne.ai talks about his personal experience being thrown into the deep end of security as a developer. He discusses […]
What is the importance of Secrets Management and how has it evolved to where it is now? In this episode of the DevSec For Scale podcast, Jeroen Willemsen, one of two project leads for the OWASP WrongSecrets project, gives us a short history of secrets management in the OWASP universe and goes into how he […]
How do you approach E2E and Integration testing in the new and complex world of Kubernetes and multi-cloud environments? Arjun Iyer, CEO & Co-Founder of Signadot joins the podcast for a very interesting and informative episode on how testing needs to shift left as we rapidly grow our development environments to the latest and greatest […]
In this episode of DevSec For Scale, we follow up our previous episode with some really great information about how the OWASP WrongSecrets project came about and how they manage everything, as well as how users can join and help with fixes, add challenges, and features. Jeroen also discusses the future of the project.
What challenges are there with observability in modern microservices environments? Yosef Arbiv, Engineering Group Leader at Epsagon (Acquired by Cisco), joins the podcast to discuss observability best practices as well as the Open Telemetry project and how observability impacts the overall security health of an organization.
How do you actually get started managing secrets? In this episode of DevSec For Scale, we are joined by Jeroen for a third time to discuss the real ins and outs of getting started with secrets management. We talk about threat modeling, CI/CD, and even multi-cloud secrets management.
Discover how Akeyless simplifies secrets management, reduces sprawl, minimizes risk, and saves time.
Take a self-guided tour of our top features.
See the platform
Learn what Akeyless can do for your team.
Talk to an expert
