Talking Security: DevSecOps Series - Episode 1

In this episode, we are starting a new series on DevSecOps, the practice of integrating security into the software development lifecycle.

DevSecOps is not just a buzzword, but a necessity in today’s fast-paced and dynamic environment. As software developers adopt Agile and DevOps practices, aiming to reduce software development cycles to weeks or even days, security can no longer be an afterthought or a separate process. Security must be embedded in every phase of the software development lifecycle, from initial design through integration, testing, deployment, and delivery.

To help us understand what DevSecOps is and why it matters, we - Frans Oudendorp, Pouyan Khabazi, and Sander ten Brinke - will share our insights and experiences on how to implement DevSecOps in practice, what are the benefits and challenges, and what are the best tools and practices to use.

In this recording, we kick off this series with an introduction about what’s ahead in the next episodes. Then we talk about developers’ workstations and how to secure them properly so that everyone is happy. Developers’ workstations are often the first line of defense against cyberattacks, as they contain sensitive data and code that can be compromised or stolen. However, developers also need to have the freedom and flexibility to work efficiently and creatively, without being hindered by excessive security controls or policies.

How can we balance security and productivity in developers’ workstations? What are some of the common threats and risks that developers face in their daily work? How can we apply the principle of least privilege to limit the access and permissions of developers? How can we use encryption, authentication, and backup to protect the data and code on developers’ workstations? How can we enforce security policies and standards across different platforms and environments? These are some of the questions that we will address in this episode.

Thank you for listening and stay safe! And don’t forget to subscribe to our podcast and follow us on Twitter and LinkedIn for more updates and insights on cybersecurity.

Google Podcast 👉 Link

Apple Podcast 👉 Link

Spotify 👉 Link