Showing episodes and shows of
DJ Schleen
Shows
Cyber Security Headlines
Week in Review: Cybersecurity CEO busted, Cloudflare’s DDoS increase, FBI’s help request
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, Head of Security, Boats Group. Thanks to our show sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
2025-05-02
31 min
Security You Should Know
Securing the Software Supply Chain with HeroDevs
Open source is a bedrock of modern enterprise software. But support for various components is all over the place. The ecosystem doesn't have the right incentives in place, leading to end-of-life security issues many organizations aren't ready to address. When community support for open-source components dries up over time, what is your recourse? In this episode, Aaron Frost, founder and CEO, HeroDevs, discusses how HeroDevs is addressing this problem by providing secure, drop-in replacements to give enterprises the time they need to safely transition to supported software. Aaron is joined by our panelists...
2025-04-02
14 min
Defense in Depth
Protecting Your Backups from Ransomware
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and DJ Schleen, former distinguished security architect, Yahoo. Joining us is our sponsored guest Heath Renfrow, co-founder, Fenix24. In this episode: Get creative; Shift the focus of backups; Failing the test; Moving beyond false hope. Thanks to our podcast sponsor, Fenix24. You’ve invested in cybersecurity, but...
2025-02-13
29 min
The Security Detail
Ep. 4: Application Security with Tanya Janca, head of community and education at Semgrep
Application security is crucial for protecting sensitive data and ensuring the integrity and trustworthiness of software systems against cyber threats. In this episode, Tanya Janca, head of community and education at Semgrep discusses the importance of “shifting left” in the software development lifecycle, along with the best and worst practices in DevSecOps. Tanya has been coding and working in IT for more than 25 years and is the best-selling author of the book ‘Alice and Bob Learn Application Security’. You can follow Tanya on social media under the handle @SheHacksPurple. Resources: Semgrep website: https://semgrep.de...
2024-09-04
47 min
Cyber Security Headlines
Week in Review: CrowdStrike releases Falcon, ransomware as terrorist threat
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, distinguished security architect, Yahoo. Thanks to our show sponsor, Vanta. Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our liste
2024-08-09
28 min
daBOM
Lauren Hanford on Add TACOS to your SBOM Combo Platter
Remember the X-Files television show? Dana Scully was one of the main characters - a brilliant FBI agent who worked on unsolved cases involving paranormal phenomena. Often skeptical of the supernatural, she was always willing to keep an open mind, and she was also a great role model. She inspired many women in Technology, one of them being Lauren Hanford. Scully’s inspiration led Lauren into the field of Criminal Justice and Chemistry, and then she made a pivot into Computer Science, and Design. The catalyst being a desire to make doing homework easier. ...
2023-08-09
25 min
daBOM
Hasan Yasar on The Multiverse of SBOM Phases
There's no better way to get to know someone than staying awake for 24 hours straight while moderating sessions of the world's biggest virtual DevOps conference - All Day DevOps. It's one of the many times I've gotten to spend with Hasan Yasar over the years. We were hunkered down in an office in Tyson's Corner, just outside of Washington, DC, broadcasting throughout the day to an audience spanning the world, introducing some of the world's most talented minds before they shared their stories. Hasan and I met back in 2017 when we were both speaking at D...
2023-08-02
28 min
daBOM
Trac Bannon on the Connection between Generative AI, LLM and SBOMs
I'll never forget the day I met Tracy, although I really think we were actually separated at birth. We were scheduled to be on a podcast together and after introducing ourselves to each other in the call lobby, we began a discussion that most likely would've gone on forever had the host not interrupted us to get the show started. It turns out we both have similar passions in the DevOps, DevSecOps, and SRE spaces, and not just philosophical ideas and hoopla high fives. We've actually done it. Practical implementation of ideas that have injected security into...
2023-07-19
27 min
daBOM
Philippe Ombredanne on SBOMs, SCA and PURLs. Oh my!
It must have been a year or so ago when I was looking for an open source vulnerability scanner to use in a project I was working on. As I scoured the internet, I stumbled upon a project called "VulnerableCode" - a server that could run locally and would return vulnerability information if you called its API and gave it a Purl. What's a Purl? It's an abbreviation for Package URL and it identifies a component that's used in a software we build. Think of it like a hyperlink that contains metadata such as ecosystem, name, version...
2023-07-12
35 min
daBOM
Tim Miller on Storage and management with Guac
I read an interesting post on Twitter the other day about Software Bill of Materials. The author said "SBOMs promise a picture of what lies beneath the surface of software, but without large scale automated binary analysis, at best, they reflect intent not reality. As a result, relying on them is like being an explorer without a compass." The author does make some good points here. Large scale binary analysis is definitely lacking in some regards - but the technology is there to do it, and we've had a guest on the show that has talked about...
2023-07-04
29 min
daBOM
Dan Walsh on Practical Use from a CISO in Healthcare
Every one of us has a few of those people in our lives that change the trajectory of our careers, and for me, Dan Walsh is one of them. It was just a few weeks after the world shut down during the pandemic when I was introduced to Dan by a mutual friend of ours - Aaron Rinehart - after Aaron heard I was looking for my next big adventure. He introduced us via text message and when I got a chance to meet with Dan, we talked for over two hours, and I think we cracked a...
2023-06-27
26 min
daBOM
Brian Reed on Reverse Engineering Software with SBOM
I remember being pushed back into my seat with a force I had never felt before. It was the first time I had ever been in an electric car, and Brian Reed was at the steering wheel with this big smile on his face as we went from 0 to 60 in about 3 seconds. It was just one of the many memorable experiences that I've had while spending time with Brian over the years. It feels like every time I see him, he introduces me to something new, and the discussions we have - they're extremely illuminating. ...
2023-06-20
21 min
daBOM
Lisa Bradley on Challenges at Scale
Earlier this year I had the opportunity to attend a software supply chain summit and meet Lisa Bradley, Senior Director of Product and Application Security at Dell. Lisa had a point of view that was different from the people I talked to about SBOMs in the past. It was a big picture practical view of how to implement an SBOM initiative at scale - for one of the biggest companies in the technology Fortune 500 - Dell. While preparing for this episode, I found that Lisa's vast knowledge and experience in the field of product security made he...
2023-06-13
24 min
daBOM
Ritesh Noronha on Why Quality Matters
I often can't get over how small the world actually is. Earlier this year, I attended the Second Annual SBOM meetup after the first day of the RSA conference. The venue was at a little bar on Minna Street, tucked away underneath the skyscrapers of San Francisco. The bar was filled with quite a few familiar faces and after grabbing a cold beer, a hand reached out through the crowd to shake mine. Standing in front of me was Ritesh Noronha. I'd never met Ritesh before - or so I thought for a bri...
2023-06-06
24 min
daBOM
Brian Fox and the Creation of Open Source Repos
As the video connects I see Brian Fox, sitting in front of a collection of model spacecraft which adorn the shelves behind him. It's a fitting backdrop for a conversation about the genesis of the software supply chain problem, and how exploration and discovery has led us to where we are as an industry today. Think about this, it all started when we began to assemble our software from components that we didn't write ourselves. And Brian was right there. He was there since the beginning of the open source supply cha...
2023-05-30
30 min
daBOM
Chris Hughes on Government and Cybersecurity: Where do we stand?
I’m not the most active user of any social networking platform, but when I do engage it’s normally on LinkedIn - and the first thing I usually see is a great article, video, or post from Chris Hughes. He’s a content machine - an active podcaster, and I can tell you that when his upcoming book "Software Transparency," is released, I’ll be the first to pick it up and read it. I had the pleasure of meeting Chris in person recently, and he’s a remarkable person whose presence immediately establishes him as the s...
2023-05-23
21 min
daBOM
What's VEX got to do, got to do with it? - Guest: Steve Springett
Seems like every time I talk to someone or do research on Software Bill of Materials, I encounter VEX - Vulnerability Exploitability eXchange - and I never really understood what they were used for. I knew they had something to do with understanding the vulnerabilities that exist inside the components we list inside of an SBOM, but why does the format or concept exist? After all, we already have ways of exchanging vulnerability information like Bill of Vulnerabilities or Vulnerability Disclosure reports, right? Well, VEX represents an approach to sharing vulnerability information as well. As w...
2023-05-16
24 min
daBOM
Where do we put these things? Guest: Daniel Bardenstein
Back in February, I posted that I was putting together a Podcast to help demystify Software Bill of Materials. Shortly afterwards - a reply appeared from Daniel Bardenstein. It was a simple message where he said that he'd love to talk about operationalizing and deriving value from SBOMs. This piqued my interest - because the question of what we do with Software Bill of Materials has been a constant concern of mine. I've always feared that they would become just another document. Written once, and never referred to or viewed again. One of the biggest...
2023-05-09
24 min
daBOM
Behind the scenes with an SPDX Contributor - Guest: Maximillian Huber
As we continue the journey to unravel the world of Software Bill of Materials, I wanted to talk to a technologist who had been there from the start - and could shed some light on the background of the movement. The search for such a person led me to the South German State of Bavaria, where I found Max Huber. Max has been a contributor to the SPDX project for upwards of 8 years, and helped build some of the first tools to create and process the format. SPDX - or Software Package Data Ex...
2023-05-02
20 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #128 - Live from RSAC, Disclosure Transparency, Google Authenticator
Hey, it's 5:05 on Wednesday, April 26th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Edwin Kwan in Sydney, Australia, Shannon Lietz in San Diego, California, Trac Bannon live at RSAC with DJ Schleen and Kadi Grigg, Mark Miller reporting live at the RSAC floor with Brian Reed. Let's get to it. Mark Miller and Brian Reed live at RSAC: 🇺🇸 Mark Miller, San Francisco, CA. Trac Bannon and DJ Schleen, Kadi Grigg live at RSAC.
2023-04-26
14 min
daBOM
It's all about Trust... Guest: Shannon Lietz
It was back in early 2017 when an annual tradition started in a hickory smoke filled lounge in San Francisco. I'd found myself at B-55 in the Marriott Marquis sitting around a large table after her day of presentations at the RSA Conference. Surrounding me were some of the originators of DevOps, thought leaders from the Rugged Movement, horsemen from I am the Cavalry, innovators from the Chaos Engineering tribe... and at the head of the table was Shannon Lietz - the original gangster of DevSecOps. If you know anything about DevSecOps, you know wh...
2023-04-25
28 min
daBOM
What's in the box? Guest: Allan Friedman
A package of Twinkies is a permanent fixture on Allan Friedman's desk, which he holds up to the screen during our conversation. A prime example of the underlying purpose of a Software Bill of Materials. The significance? The ingredient list on the package which lets you know what's inside. I always use the can of beans analogy myself - but the Twinkie - well, this is the bad stuff. Seems obvious that it's better to know what you're going to consume, than assume you're eating something healthy. You can't help but think of Allan when y...
2023-04-18
24 min
daBOM
Exchanging BOM data with DBOM - Guest: Chris Blask
When the video call finally connected, I saw a glitching Chris Blask sitting behind a studio mic, and in the background an open door revealed what appeared to be a lake - with sun glistening across the water. For a brief moment, I thought Chris was working near a dock, but in fact, he was actually working on a boat. A boat in the middle of the waterway, far from any shore, in the Florida Keys. The internet connection wasn't the best as Chris took me on a virtual tour of a floating home and...
2023-04-11
24 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #116 - Sister Podcasts, Uber Suffered Supply Chain Attack, Apple Patches Exploited Zero Days
Hey, it's 5:05 on Monday, April 10th, 2023. From The Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri. We will start today's episode with a message from our executive producer, Mark Miller, live from the streets of New York City. Let's get to it. Sister Podcasts: 🇺🇸 Mark Miller, New York City. That’s in my EULA?? with lawyer Joel MacMull https://whatsinmy...
2023-04-10
08 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #114 - Sourced Network, TikTok Banned, AI Worries
Hey, it's 5:05 on Thursday, April 6th, 2023. From The Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Mark Miller in New York City, Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri. Let's get to it. Sourced Network Update: 🇺🇸 Mark Miller, New York City. That’s in my EULA?? with lawyer Joel MacMull https://whatsinmyeula.com/ Real Technologists with host Tracy Bannon https://realtechnologists.org/ daBOM wit...
2023-04-06
10 min
daBOM
The CycloneDx SBOM Format - Guest: Steve Springett
I'm DJ Schleen and welcome to daBOM. I'm on a journey to demystify Software Bill of Materials and on this podcast I'll be investigating technical, regulatory, and practitioner stories in and around the SBOM and -BOM movement. Along the way you'll meet the people and teams responsible for creating and maintaining the various Software Bill of Materials formats, and we'll also dig deep into all types of Bill of Materials including SBOMs, SaaSBOMs, IBOMs and any other type of -BOM that you may have heard about. If you're interested in software security, the sof...
2023-04-04
30 min
daBOM
daBOM: An Introduction
Today’s software is extremely complex – and with the pervasive use of third-party components, it’s become extremely difficult for anyone to keep track of all the external code in their systems. Pieces of code that aren’t written by your own developers. These components are assembled by engineers and can potentially make up the majority of the software we build every day. For everyone outside the engineering organization? They may not even know what these third-party components are – or that they are even being used. This lack of visibility into what these components are and where th...
2023-03-29
03 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #100 - It's 5:05, Friday, March 17, 2023
Hey! It's 5:05 on Friday, March 17th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, DJ Schleen in Golden, Colorado, Trac Bannon in Camp Hill, Pennsylvania, Olimpiu Pop in Transylvania, Romania and Marcel Brown in St. Louis, Missouri. Let's get to it. Beware of Silicon Valley Bank Related Scams: 🇦🇺 Edwin Kwan, Sydney, Australia. Incoming Silicon Valley Bank Related Scams. New Cyber Kill Chain: 🇺🇸 Katy Craig, San Di...
2023-03-17
19 min
Defense in Depth
Can You Build a Security Program on Open Source?
All links and images for this episode can be found on CISO Series. What would it take to build your entire security program on open source software, tools, and intelligence? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome guest DJ Schleen (@djschleen), distinguished security architect, Yahoo Paranoids. Thanks to our podcast sponsor, SPMB. SPMB connects top executive talent to the world...
2023-03-09
25 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #45 - It's 5:05, Friday, December 30, 2022
It’s 5:05, Friday, December 30, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on his part 4 of Ukraine cyber war analysis, Dan Whiting in Washington, DC, talks about how to keep your kids safe from connected toys, Edwin Kwan in Australia with a report on parental control apps come packaged with malware, Katy Craig in California on biometrics devices sold on eBay holds sensitive data, DJ Schleen in Colorado on the cyber criminals who aren’t bringing home the bacon anymore. Toda...
2022-12-30
11 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #44 - It's 5:05, Thursday, December 29, 2022
It’s 5:05, Thursday, December 29, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California with an update on Meta & Cambridge Analytica, DJ Schleen in Colorado on punt the AI and just write the code yourself, Olimpiu Pop in Romania with his part 3 of Ukraine Cyber War analysis, Edwin Kwan in Australia on cyber attack on Australian universities. Let’s get to it! 🇺🇸 Katy Craig, San Diego, California: Update on Meta & Cambridge Analytica https://fingfx...
2022-12-29
09 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #42 - It's 5:05, Tuesday, December 27, 2022
It’s 5:05, Tuesday, December 27, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California on don’t give up your data, Edwin Kwan in Australia on Github to require 2FA for all users by the end of 2023, DJ Schleen in Colorado on dust off the security crystal ball, it’s almost 2023. Today’s episode begins with our Executive Producer Mark Miller in New York City on the LastPass story isn’t getting any better. Let’s get to it! 🇺🇸 Mark Mille...
2022-12-27
10 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #35 - It's 5:05, Friday, December 16, 2022
It’s 5:05, Friday, December 16, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California, talks about Tech Giants vs. Google Maps, Edwin Kwan in Australia with a report on an investigation into TikTok’s privacy concerns, Trac Bannon in Pennsylvania with a report on the widely used Atlassian products compromised and DJ Schleen in Colorado, talks about GitHub public repositories now include free secret scanning. Let’s get to it! 🇺🇸 Katy Craig, San Diego, California: Tech Giants vs. Google Map...
2022-12-16
08 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #30 - It's 5:05, Friday, December 9, 2022
It’s 5:05, on Friday, December 9, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania, talking about the Chinese drone threat to US States and Local governments, Katy Craig in California on critical Chrome updates, Olimpiu Pop in Romania with a report on the cybercrime to reach 24.5 trillion dollars by 2027, Edwin Kwan in Australia on Medibank system wide shutdown over weekend. We will start today with DJ Schleen in Colorado talking about how the Tech Lob...
2022-12-09
09 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #29 - It's 5:05, Thursday, December 8, 2022
It’s 5:05, on Thursday, December 8, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Edwin Kwan in Australia with a report on a third major Australian data breach in three months, Katy Craig in California on Deloitte’s 2023 tech trends, DJ Schleen in Colorado with SBOM and SLSA, Paulo Gouveia in Florida talking about Phishing with BeEF, and myself reporting on the Met Opera cyber attack. We will start today with Ax Sharma from Manchester, UK, talking about his ar...
2022-12-08
11 min
It's 5:05! Daily cybersecurity and open source briefing
Episode #28 - It's 5:05, Wednesday, December 7, 2022
It’s 5:05, on Wednesday, December 7, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania with a report on scamming the digital workforce, Edwin Kwan in Australia on how AirAsia poor network organization spared it from future attacks, Katy Craig in California on Apple AirTag stalking initial report and DJ Schleen in Colorado with a report on the new version of the Software Bill of Materials vulnerability scanning tool. We are going to start with a story fr...
2022-12-07
12 min
The Secure Developer
Running And Expanding A DevOps Team With DJ Schleen
Today we have a great conversation with DJ Schleen, who is the Vice President of Infrastructure and Developer Operations at VillageMD! DJ is an experienced DevOps practitioner, currently working as a security advocate, in his role at VillageMD in the healthcare industry. We get to have a very interesting conversation about the broad state of security and hear about his route into the professional world. DJ transitioned from the early days of hacking into web design, and then brought these skills to his career in security! We talk about some of his best practices for keeping a team on...
2021-10-04
32 min
The Balancing Act by Security Compass
DJ Schleen - Using Technology to Enhance DevSecOps
Today we are joined by Pranoy De and Michael Bolger from Security Compass and DJ Schleen, Senior Manager of Software Security at Rally Health, to talk about how we can leverage technology to enhance DevSecOps practices. In this podcast, we delve into the details of technology and automation tools that are essential for setting up a robust DevSecOps program, with specific emphasis on the Healthcare industry.
2020-11-13
27 min
The Application Security Podcast
Marc French, Steve Lipner, Maya Kaczorowski, DJ Schleen, Kim Wuyts — Season Six Wrap up
We’ve reached the end of season six, and here are a few of our favorite clips. Season seven is around the corner. S06E01 — Marc French — The AppSec CISO: What are some tips for someone who wants to become a CISO? Is there such a thing as a CISO school? S06E05 — Steve Lipner — The Past, Present, and Future of SDL: Lipner is a giant in the industry and someone that I’ve looked up to for years. After some setup, I ask him for a definition of SDL. S06E08 — Maya Kaczorowski — Container and Orchestration Security: Containers are not a security tool...
2020-05-14
25 min
Application Security PodCast
Marc French, Steve Lipner, Maya Kaczorowski, DJ Schleen, Kim Wuyts -- Season Six Wrap up
We've reached the end of season six, and here are a few of our favorite clips. Season seven is around the corner. S06E01 — Marc French — The AppSec CISO What are some tips for someone who wants to become a CISO? Is there such a thing as a CISO school? S06E05 — Steve Lipner [...] The post Marc French, Steve Lipner, Maya Kaczorowski, DJ Schleen, Kim Wuyts — Season Six Wrap up appeared first on Security Journey Podcasts.
2020-05-14
00 min
The Application Security Podcast
DJ Schleen — DevOps: The Sec is Silent
DJ Schleen is a seasoned DevSecOps advocate at Sonatype and provides thought leadership to organizations looking to integrate security into their DevOps practices. He encourages organizations to deeply integrate a culture of security and trust into their core values and product development journey. DJ joins us to talk about the philosophy of DevOps and flow, DevSecOps and silos, and the DevSecOps reference architectures. We hope you enjoy this conversation with… DJ Schleen. FOLLOW OUR SOCIAL MEDIA: ➜ Twitter: @AppSecPodcast ➜ LinkedIn: The Application Security Podcast ➜ YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listenin...
2020-01-30
37 min
Application Security PodCast
DJ Schleen -- DevOps: The Sec is Silent
DJ Schleen is a seasoned DevSecOps advocate at Sonatype and provides thought leadership to organizations looking to integrate security into their DevOps practices. He encourages organizations to deeply integrate a culture of security and trust into their core values and product development journey. DJ joins us to talk about the philosophy of DevOps and flow, [...] The post DJ Schleen — DevOps: The Sec is Silent appeared first on Security Journey Podcasts.
2020-01-30
00 min
Data Breach Today Podcast
Open Source Vulnerabilities Cut Across Sectors
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
2019-10-16
00 min
The OWASP Podcast Series
The DevSecOps Unicorn Rodeo w/ Stefan Streichsbier
Stefan Streichsbier talks about his chapter, "Unicorn Rodeos", in the just released book, "Epic Failures in DevSecOps". We start with where did the chapter name come from and what does it mean, then lead into his three main points for hanging on for the rodeo ride: -- Don't waste time over-engineering -- Build for the right audience -- Find your champions. We conclude with a discussion of technology trends in South East Asia and Indonesia. People mentioned include Gene Kim, Caroline Wong, Fabian Lim, Mohamed Imran, Magda Chelly, Edwin Kwan, DJ Schleen and others.
2018-12-14
23 min
The OWASP Podcast Series
The DevSecOps Experiment
DJ Schleen talks about his upcoming 15 part video series, "The DevSecOps Experiment", where he will walk through the setup of a software supply chain, including building in security during every step of the process. This is a lab workshop type series, where you'll be able to immediately implement the solutions at the end of each 15 minute session. DJ will be available to answer your questions on his public slack channel as well as provide resources in the DevSecOps Days github repository. This is a free, online workshop series. To be notified when each segment of the series is released, please...
2018-12-10
14 min
The OWASP Podcast Series
A Message from the Executive Producer
This is Mark Miller, Executive Producer. 4 years ago I took over the creation and curation of the OWASP podcast series. In that time, there have been 118 episodes, with a combined listenership of over 269,000 plays. The series began as a way to speak with OWASP project leads and chapter leaders to let the community hear what was being worked on. Gradually, the show has morphed into something broader. Recent broadcasts highlighting the work done in the DevOps and DevSecOps Communities receive well over 2000 listeners per episode. We have helped give exposure to DevSecOps practitioners at major AppSec Conferences in Europe and...
2018-07-15
02 min