IS THERE DEVSECOPS IN CLOUD? 🤔

Cloud Security Podcast -  This month we are talking about "Cloud Security - the Leadership View" and for the final episode in this series, we spoke to Guy Podjarny ( GuyPo's Linkedin). If you are working on building or securing Cloud resources, can you truly imagine solving the next log4j or AWS/Azure/GCP vulnerability without including the help of Platform Engineers or IT engineers? This is the bigger picture of what we CyberSecurity people have to do day in day out. We work with wider team members

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: ⁠www.cloudsecuritypodcast.tv⁠

FREE CLOUD BOOTCAMPs on ⁠www.cloudsecuritybootcamp.com⁠

Host Twitter: Ashish Rajan (⁠@hashishrajan⁠)

Guest Socials: Guy Podjarny ( ⁠GuyPo's Linkedin⁠)

Podcast Twitter - ⁠@CloudSecPod⁠ ⁠@CloudSecureNews⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠Cloud Security News ⁠

- ⁠Cloud Security BootCamp⁠

Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠snyk.io/csp⁠

(00:00) Introduction

(03:49) A bit about Guy Podjarny

(04:51) What is DevSecOps today?

(07:15) 3 Phases of DevSecOps

(07:44) DevSecOps vs ShiftLeft

(09:15) The maturity of DevSecOps

(11:52) The notion of start left

(13:36) Threat modelling and developers

(14:38) What is Cloud Security?

(16:03) The notion of App Cloud

(17:43) Gartner acronyms and cloud security

(22:21) Security champion program in cloud

(28:33) Future of IaaS, PaaS and SaaS

(32:22) Challenges with Security Championship Program

(42:19) Generative AI and DevSecOps in Cloud

(47:45) Fun Questions

See you at the next episode!