Description

Where we interview Greg Harris, Principal Security Engineer at Fitbit. We cover security issues around BeyondCorp, VPNs, Docker, and vulnerability scanning. With Greg we learn how to stop reacting to security incidents and instead focus on building threat models for your software and company to forecast and prevent them.

Comments for the episode are welcome - at the bottom of the show notes for the episode there is a Disqus setup, or you can email us at feedback@operations.fm.

Sponsors for Episode 97:

42 Lines is a DevOps consulting firm specializing in
Observability, Cloud Migration, Cost Control, Security Practices, and Team
Mentoring.

alt="42 Lines, Inc"/>

Links for Episode 97:

• Mozilla Id trust proxy
• Ghost Tunnel
• Hashicorp Vault SSH PKI/Key authority
• Netflix Bless
• Crypt.co / crypton - gen u2f token on phone
• STRIDE Thread modeling
• Threat Dragon
• Censys
• Shodan
• Wireguard
• Isto
• Minimal linux
• Sysdig
• OWASP Dependency Check
• Anchore Engine