Scale to Zero - No Security Questions Left Unanswered

Ready to level up your knowledge on #DevOps and #DevSecOps? 🚀🎥 We've got an exclusive recording with the brilliant Matt Tesauro, where he takes us on an epic journey through the essential processes that will revolutionize your approach to software development and security. Featuring valuable insights, practical tips, and real-world examples, this recording is a must-watch for all tech enthusiasts looking to stay ahead in today's fast-paced digital world. Don't miss out! Get ready to embrace the power of #DevOps and #DevSecOps like never before! 📺📚 Watch, learn, and conquer! 💪✨ #knowledgeispower

In this Scale to Zero podcast episode, we had the very cool Francois Proulx! With his expertise in Software Supply Chain Security and Application Security, he shared some really deep and helpful thoughts in this field. He has also shared some resources for folks who are getting started. 01:10 Start and Introduction 06:00 Application Security is not a developer-first problem 10:20 Automating systems for small teams and large teams 16:00 Security areas to focus on for startups 19:40 Security risks around the supply chain 25:00 Assisting the security of the supply chain from a threat modeling perspective 28:30 Involving business management teams in security procurement 33:10 Resources to keep you up-to-date 35:10 Developer security checklist for using open-source libraries 39:00 Summary 40:00 Rating Security Practices

In episode 15 of Scaletozero season 2, We have Yotam Perkal with his vast knowledge of Vulnerability Management, Supply Chain Security, and SBOMs. Stay tuned to the episode and watch him share some really good thoughts from his experiences. Here are the references shared by our guest: Hidden Container Vulnerabilities = https://www.youtube.com/live/Eh6b1H_-U20?si=uByRfK2G_h-yYOyn&t=33132 OSV malicious packages advisories = https://osv.dev/list?ecosystem=&q=MAL OpenSSF LLM Open-Source Ecosystem research = https://www.rezilion.com/blog/report-the-risk-of-generative-ai-and-large-language-models/ Secure Supply Chain Consumption Framework = https://github.com/ossf/s2c2f SSVC framework = https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc

In this episode of Scale to Zero show, Kalyani shares some very insightful views on understanding and navigating the challenges involved in threat modeling and vulnerability management. She uses some really mind-boggling analogies to help us understand the very detailed concepts most easily. Stay tuned. 00:00 Start 01:15 Guest introduction 05:30 Introducing threat modeling in SDLC 09:29 Using the threat modeling process efficiently 14:50 Security Champions program short overview 16:00 Selecting the right threat model 19:55 Preparing the right threat modeling mindset 24:00 Cheat code for dealing with vulnerability management 28:30 Educating teams for continuous security monitoring 31:45 How security processes work with cloud 36:00 Right time for startups to think about security 39:15 Summary 40:14 Rating security practices

Dive deeper into practical strategies for defending a Kubernetes cluster so that we get an idea of how to defend a cluster and also some of the best practices to follow while defending clusters from attackers.

In episode 13 of Scale to Zero show, Kesten will help us to understand the role of asset management in the cloud and its importance, and how Kubernetes play a vital role in securing the cloud infrastructure. He also shares his views on how important it is to have a good asset inventory story. Stay tuned and gain valuable insights!

Join us as we dive deep into this transformative approach of the Restorative Justice Framework and learn how it can help create more harmonious work for cloud security leaders. Don't miss out on this enlightening conversation! Tune in now and be part of the change we all need. #restorativejustice #ConflictResolution #Changemakers #googlecloud #cloudsecurity #cybersecurity #devsecops #kubernetes #securitybreach #podcast #cloudsecurity

Welcome to another workshop episode on attacking Kubernetes clusters with Divyanshu Shukla! In this comprehensive tutorial, we delve into the intricate world of Kubernetes security to equip you with the knowledge and skills needed to safeguard your infrastructure.

Don't just sit on the sidelines – it's time to level up your cybersecurity game. Gain invaluable expertise on Incident response, Digital forensics, and Threat intelligence. Gerard, with over a decade of experience, will take you through many experiences.

Whether you're a cybersecurity enthusiast, a developer, or an IT professional, this video-styled workshop offers a unique learning opportunity to enhance your knowledge of Kubernetes security. Watch the full episode to gain practical insights into attacking and defending Kubernetes clusters with #scaletozero.