All OpsCast Conversations
Search and filter through the complete archive of DevOps, Cloud Security, and Kubernetes discussions.
Scaling HashiCorp Vault for Enterprise Security: Zero-Trust Architecture and Automation
In this episode, we dive into the advanced deployment and management of HashiCorp Vault at enterprise scale, focusing on dynamic secrets, PKI automation, and zero-trust architecture. Our expert hosts explore the intricacies of Vault's capabilities in securing modern cloud-native applications. Tune in for a deep dive into Vault's integration with Kubernetes, namespace isolation, and Sentinel policies for compliance.
Unlocking Runtime Security with Falco: Threat Detection and Automation
In this episode, we delve into the world of runtime security with Falco, exploring its eBPF probe and kernel module architecture, and discussing how to write custom rules for enhanced threat detection. We'll also cover Falco's integration with popular tools like Slack, PagerDuty, and SIEM platforms. Join us as we navigate the complexities of incident response automation and declarative threat response with Falco Talon.
Securing the Software Supply Chain with Trivy: A Shift-Left Approach
In this episode, we dive into the world of software supply chain security, exploring how Trivy can be used for vulnerability management, and delving into SBOMs, SLSA, and container image signing. Join us as we discuss the integration of these tools in CI pipelines and the importance of shift-left security practices. From Kubernetes to IaC, we'll cover the essential tools and frameworks for securing your enterprise's software supply chain.
Unlocking Policy as Code: Mastering Open Policy Agent and Gatekeeper for Kubernetes
In this episode, we dive into the world of policy as code, exploring Open Policy Agent and Gatekeeper for Kubernetes and enterprise compliance. Tune in for a deep dive on Rego language, testing, and policy distribution. Our hosts discuss real-world applications and best practices for implementing policy as code in your organization.
Shifting Left with Snyk: Integrating Security from Code to Production
In this episode, we dive into Snyk's comprehensive security platform, exploring how its tools and features enable developer-first security, from SAST and SCA to container and IaC scanning, and how these integrate into the developer workflow for enhanced security and compliance. We'll discuss priority scoring, reachability analysis, and custom integrations. Join us as we examine the potential of Snyk to shift security left, making it an integral part of the development process. This approach can significantly enhance the security posture of applications from the outset, reducing vulnerabilities and ensuring compliance.
Unlocking Code Excellence with SonarQube: Scaling SAST and CI/CD Security
Discover how SonarQube Enterprise can elevate your code quality and security posture by enforcing Quality Gates, customizing SAST rules, and integrating with popular CI/CD tools. Learn from experts how to leverage SonarQube for comprehensive code analysis and security hotspot triage. This episode dives into the nuances of SonarQube as a code scanner versus dedicated SAST tools and explores best practices for portfolio reporting and integration with GitHub, GitLab, and Azure DevOps.