DevOps and Securing Applications – PSW #632

– Given that DevOps is a process and its execution requires many different tools, how do we get started “doing DevOps”?
– What about DevOps allows us to produce more secure applications?
– What concepts inside of DevOps do most people lose site of?
– What are the major challenges involved in taking an application from traditional development to DevOps?
– What are some of the best approaches to making an application more resilient to threats
– To ORM or not to ORM?
– Which services do you implement yourself vs. using a cloud service?
– How do I choose the best secrets vault?
– What should I use an orchestrator for and what should I not use an orchestrator for?
– How do I build a secure API for my app?
– Thoughts on GraphQL vs. REST security implications?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

DevOps and Securing Applications

Hosts

April Wright
April Wright – Preventative Security Specialist
John Kinsella
John Kinsella – Vice President of Container Security
Matt Alderman
Matt Alderman – CEO
Mike Shema
Mike Shema – Product Security Lead
Paul Asadoorian
Paul Asadoorian – Founder & CTO

Guests

Chris Eng
Chris Eng – Chief Research Officer
Eric Johnson
Eric Johnson – Principal Security Engineer
Frank Catucci
Frank Catucci – Sr. Director GTP – Application Security
James Ford
James Ford – Head of Information Security
Jason Kent
Jason Kent – Hacker in Residence
Josh Corman
Josh Corman – I am The Cavalry
Keith Hoodlet
Keith Hoodlet – Senior Manager of Global DevSecOps
Sandy Carielli
Sandy Carielli – Principal Analyst