Look for any podcast host, guest or anyone
Showing episodes and shows of

Ink8r

Shows

Ink8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #53 - Productivity Through Self-AwarenessIn this compelling episode of The Incubator Podcast, hosts Satbir Sran and Darren Boyd dive into the theme of productivity with TJ Walia, Founder and CEO of ZenTek Solutions. TJ shares his transformative journey from burnout to balance, sparked by a severe panic attack during his high-pressure career at Microsoft. His story unveils practical strategies for reclaiming productivity through self-awareness and intentional boundaries.Key takeaways include:Recognize Burnout: Monitor behavior for signs of chronic stress, like agitation or strained relationships, and pause to assess sustainability.Set Boundaries: Use tools like...2025-05-1145 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #52 - Exploring Cybersecurity Strategies for 2025In this episode of the Incubator Podcast, hosts Satbir Sran and Darren Boyd sit down with Daniel Hooper, a cybersecurity expert with over 25 years of experience, including a decade as a CISO. They dive into the evolving world of cybersecurity, exploring key challenges and strategies for 2025.Daniel shares his journey from technical roles to a business-focused CISO, emphasizing the need to align security with organizational goals. He highlights AI as a game-changer for enhancing security operations, like investigations in Security Operations Centers, and enabling safe business innovations, such as secure chatbots. However, AI’s accessibility also empowers ad...2025-05-1029 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #3 - Democratizing Telemetry Collection with Morgan McLeanIn this episode, we speak with Morgan McLean, Director of Product Management for Splunk Observability Cloud, and co-founder of OpenCensus and OpenTelemetry.  As a governance committee member of the OpenTelemetry project, Morgan is shaping how to democratize the collection of telemetry signals (metrics, logs, traces) into a single braid based on context propagation.   Listen as Morgan provides a perspective on Observability and OpenTelemetry, shares how concepts in OpenTelemetry provide support to distributed applications, and lends practical implementation guidance for introducing signal collection standards in the enterprise.2025-05-0544 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #51 - Securing the API Frontier with Salt SecurityIn this episode of the Incubator Podcast, hosts Satbir Sran and Darren Boyd sit down with Nick Rago, Vice President of Product Strategy at Salt Security, a leading firm in API security.  The conversation dives into the evolution of API security, the pioneering role of Salt Security, and the innovative approaches the company takes to address the growing challenges in the API landscape. Rago shares the origins of Salt Security and how the company is shaping the future of API governance and protection.*API Security Challenges*- Evolving Threat Landscape: APIs have become a prevalent attack v...2025-05-0538 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #50 - Building a Data Security Foundation with Bedrock SecurityIn this episode of the Incubator podcast, co-hosts Satbir Sran and Darren Boyd sit down with Bruno Kurtic, the CEO and co-founder of Bedrock Security, to discuss his journey in enterprise software. Bruno shares his experience building Sumo Logic, a cloud-native log analytics platform that went public, and how those lessons drive innovations at Bedrock Security. Bruno explains that the core of Bedrock Security’s approach is a "metadata link," which builds a comprehensive data inventory from creation to consumption. This helps organizations discover, classify, and manage data effectively—the foundational step before any security can be imple...2025-02-1531 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #49 - Securing SaaS: Reco’s AI-Driven End-to-End SSPM SolutionIn this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Ofer Klein, the co-founder and CEO of Reco.ai, to delve into the evolving landscape of SaaS Security Posture Management (SSPM). Ofer shares his diverse background—from flying helicopters in the Israeli Air Force to launching multiple startups—and explains how his experience, along with the expertise of his co-founders (who bring unique skills from their time in the Israeli FBI), laid the foundation for Reco.ai’s innovative approach to SaaS security.This podcast episode centers on the explosive growth of SaaS applic...2025-02-1331 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #48 - Navigating the Future of AI with AheadIn this episode of the Incubator Podcast, co-hosts Darren Boyd and Satbir Sran welcome Ethan Rasa, an AI Sales Specialist at Ahead, to explore the evolving landscape of artificial intelligence and how enterprises can harness its potential.Key Highlights:Introducing Ahead:Discover how Ahead—a Chicago-based, multi-billion-dollar company with a nationwide footprint—is driving innovation with a robust portfolio that spans AI strategy, engineering, data science, security, and more. With 3,000 employees (including 2,500 engineers) and a strong presence among Fortune 2000 clients, Ahead is at the forefront of integrating cutting-edge solutions into complex ente...2025-02-0328 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #47 - Exploring the future of APIs and how to secure themIn this exciting episode of The Incubator Podcast, co-hosts Satbir Sran and Darren Boyd sit down with Reza Shafii, Senior Vice President of Product at Kong Inc., to discuss the ever-evolving landscape of API management, service mesh technologies, and the future of developer platforms. A key focus of the conversation is the convergence of API management and platform engineering, and how this integration is changing the way enterprises approach infrastructure, developer productivity, and system reliability. Reza explains how Kong is building innovative tools such as Kong Mesh and Insomnia to simplify the API development process, enhance security, a...2024-10-0733 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #46 - ‘Space Container’: Creative IT Solutions, Without LimitsIn this insightful episode of the Incubator podcast, hosts Satbir Sran and Darren Boyd are joined by Craig Martin, VP at Ahead and leader of the Digital Solutions Group. In this episode, Craig, a devout Grateful Dead fan, shares the transformative strategies his team uses to help organizations unlock the full potential of technology through modernization. Just as Jerry Garcia's 'space container' crafted a unique, boundary-pushing soundscape in music, Craig's team is redefining the norms in IT, challenging conventional approaches to deliver innovative solutions.With a rich background in engineering and a knack for pioneering s...2024-09-0318 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #45 - Observability Pipelines Reimagined with Observo.aiJoin us in this exciting episode of the Incubator podcast as co-hosts Darren Boyd and Satbir Sran sit down with Ricky Arora, the co-founder and COO of Observo.ai. Dive into the cutting-edge world of AI-powered observability pipelines and discover how Observo.ai is transforming the landscape of data observability and security.Key Differentiators: Learn about the unique features of Observo.ai, including its ML-driven insights, efficient data processing, and seamless integration with existing tools like Splunk, Datadog, and Elastic.Customer Success: Hear stories on how Observo.ai helps enterprises optimize their telemetry data, resulting in...2024-07-3035 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #44 - Operating at the Cyber Frontier with ZscalerIn this episode of the Incubator Podcast, co-hosts Satbir Sran and Darren Boyd welcome Brian Deitch, Chief Technology Evangelist at Zscaler. With an impressive 30% of Forbes Global 2000 companies as clients, Zscaler is making significant strides in connecting people to resources and enhancing cybersecurity measures.Brian shares his journey from joining Zscaler seven years ago to becoming a key figure in their technology evangelism. The discussion delves into Zscaler's evolution, focusing on their Zero Trust Exchange strategy, data protection, DLP, and innovative approaches to data classification. Brian highlights the importance of user experience and the impact of AI...2024-07-1735 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #43 - Cultivating Resilience and Innovation in Cybersecurity with Mel ReyesIn this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Mel Reyes, a distinguished figure in the tech industry known for his roles as a global CIO and CISO, founder of Digital Guardians, and an active community contributor.  Mel shares his extensive experience in IT and security, discussing the evolving challenges in cyber threats, compliance, and the importance of leadership in security operations.  He emphasizes the significant impact of management support on cultural change within organizations and highlights the necessity of building trust and collaboration among teams. Mel also dives into the...2024-05-0739 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #42 - Unpacking the Future of Hybrid Clouds with Dell’s PowerFlexIn this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran delve into the transformative world of hybrid cloud with guest Steve Bisnett, Global Field CTO for PowerFlex at Dell Technologies. Steve shares insights into his extensive background in the tech industry, especially his experiences transitioning from customer-focused roles to influencing product innovation at Dell.The episode centers around PowerFlex, a pioneering software-defined storage solution. This technology, initially acquired and evolved over time by Dell, addresses the burgeoning needs of modern data centers characterized by high scalability and the flexibility to adapt to various workloads...2024-04-1434 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #39 - Consumption Economics: A neoclassical view of cloudIn this podcast episode, we delve into the neoclassical economic view of cloud computing with Sarbjeet Johal, analyst, evangelist, and founder. The discussion begins by exploring the relevance of cloud in modern digital transformation.  We then explore principles rooted in neoclassical economics, focusing on concepts such as consumption economics, utility maximization, institutional/transactional costs implications, and how these apply to the cloud computing market. Key points include an analysis of supply and demand dynamics in cloud services, cost-benefit considerations for businesses transitioning to the cloud, and the role of competition among major cloud providers in shaping prices an...2024-02-0421 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #40 - Anonymisation through pseudonymisationIn this podcast episode, we delve into data masking, data privacy, test data management, test environment management, the role of synthetic data, and the value of establishing a data fabric.  Quite a bit of ground to cover!K2View is a leader in data fabric and Customer 360, creating a comprehensive view of the customer journey which aids businesses in understanding customer behavior, preferences, and needs, leading to better service and personalized experiences.This of course naturally leads to the topic of data privacy. Hod Rotem emphasizes the increasing importance of safeguarding consumer data by sharing s...2024-02-0138 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #38 - Practicality in Protection: Implementing an AppSec ProgramIn this episode of our podcast, we sit down with Jeevan Singh, a distinguished leader in the field of Application Security (AppSec), to delve into the intricate world of securing software applications. The discussion highlights the perils and challenges faced by organizations in today’s digital landscape, emphasizing the growing sophistication of cyber threats and the vital importance of robust AppSec programs.Jeevan articulates how he approaches implementing AppSec programs through a crawl, walk, run progression, which helps to address cultural gaps that may exist between security teams and developers. He stresses the need for a paradigm sh...2024-01-0443 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #37 - CISO Perspectives on Cybersecurity Programs, Risks, and PrioritiesJoin Satbir and Darren as they interview Nemi George, a seasoned Chief Information Security Officer (CISO) of Pacific Dental Services, as they cover a complex tapestry of modern cybersecurity concerns.The discussion covers diverse topics including the evolving threat landscape, the rise of sophisticated cyber attacks, evolving insider threats, risk management, supply chain complexity, and the value of preventive action. As the conversation unfolds, Nemi highlights the importance of a robust security culture within an organization, articulating that while technology is a critical line of defense, the human element remains the most unpredictable.  Initiatives to en...2023-11-0531 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #35 - Using Aviatrix to simplify multi-cloud networkingEnterprises are not confined to the boundaries of a single cloud environment.  But as many adopters have discovered, navigating multi-cloud isn't without its challenges from a networking perspective.  The once-promised flexibility and scalability of the multi-cloud model are often overshadowed by daunting complexities, diminished visibility, and fragmented control mechanisms.  The disparate networking and security paradigms of each CSP have all but eroded the notion of a seamless integration experience, ushering in the need for an overlay capability.Aviatrix's answer is both innovative and intuitive. The company sought to reimagine the entire multi-cloud networking paradigm. By developing a pla...2023-10-0847 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #36 - Leveraging Deep Learning for Deep DefenseTraditional cybersecurity approaches, often retrospective in nature, race to detect and respond to threats only after they've manifested. This reactive paradigm, although necessary, leaves a window of vulnerability—a time-lapse during which systems are exposed, data is compromised, and infrastructures are at risk.Deep Instinct represents a seismic shift in the way we approach cybersecurity.  What makes Deep Instinct stand out in the vast sea of cybersecurity firms lies in their use of deep learning.  Inspired by the structure of the human brain, deep learning enables computers to learn from vast datasets and make independent decisions when dist...2023-10-0831 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #41 - Using synthetic data for ultimate privacyData security is heavily dependent on context, and as organizations contemplate Test Data Management (TDM) they must consider not only de-identification strategies but re-identification probabilities as well.  Data privacy regulations are becoming more stringent, with some regulations having an ‘extraterritorial scoping clause’ that stipulates that organizations must comply with regulations regardless of where the data resides, if collecting data on their constituents (e.g., GDPR and PIPL).  Further, even if all direct identifiers are stripped out of a data set, the data will still be considered personal data if it is possible to link...2023-09-1830 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #34 - A trace-based approach to runtime securitySpyderbat continuously records ALL runtime context in an environment (from Kernel to Cloud) while providing causal linkage (recording both good & bad events alike). Alerts can then be traced along the resultant causal chain that's created. Normal behaviors can then be safely ignored, allowing practitioners to focus on more toxic combinations ONLY (i.e., Alerts-to-Traces). Practitioners can then group behaviors for another order of magnitude reduction in alerts. To do this, Spyderbat has developed the following algorithms:Guardian - Records context to determine and visualize aggregate event significance in the environment. Guardian is th...2023-08-0542 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #33 - A discussion with Sounil Yu, author of the Cyber Defense MatrixSounil Yu is an author, cybersecurity visionary/strategist, advisor, security scientist, and leader.  In his capacity of Chief Security Scientist at BoA he was in part responsible for developing and optimizing their cybersecurity portfolio.  With an ever-expanding set of entrants in cybersecurity, he recognized the need to develop a framework that would provide a consistent mechanism to describe and organize solutions.  Over the last several years this framework, the Cyber Defense Matrix, has evolved into a very robust matrix that can apply to an expanding set of use cases.  At The Incubator Podcast, we are using the matr...2023-08-0336 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #32 - OSS LIbrary-Level Analysis and Least Privilege EnforcementOligo Security provides OSS library-level analysis and creates a profile of behavior on runtime.  By evaluating what the OSS packages need from the operating system, they can detect malicious activity for each and every component in runtime.  Through continuous monitoring, they can alert on deviations from baseline behavior and even block those deviations if desired.  They apply a least privilege approach when assessing OSS libraries which reduces alerts by upwards of 85%.  Given approximately 80% of deployed code contains OSS, Oligo's least-privilege approach is a true differentiator.   Join  Satbir and Darren as they speak with Gal Elbaz, Co-Founder and CTO of...2023-07-1837 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #31 - Establishing Enterprise Encryption SupremacyPrimarily known as a pioneer in Confidential Computing, Fortanix has created a unified data security platform that delivers a suite of services, including multi-cloud key management, tokenization/encryption, Transparent Data Encryption (TDE), and specializes in secure enclaves.  With 30+ granted and pending patents, and a host of awards such as Gartner Cool Vendor and RSA Innovation Sandbox - Fortanix has achieved absolute encryption supremacy for the enterprise.  In this episode, we speak with Faiyaz Shahpurwala, Chief Product and Strategy Officer, as we explore a broad set of use cases to secure enterprise data, wherever it is. Ple...2023-07-1732 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #30 - How to build a sustainable AppSec programApiiro has built its Code Risk Platform to address risks inherent in material changes to application logic/code ... long before those change ship to prod.  Given the imbalance in the ratio of developer to security practitioner, Apiiro's solution is crucial if we are to deliver sustainable security programs that meet the demands of new product introduction.  They are the winner of RSA's Innovation Sandbox and are recognized by Gartner as a Cool Vendor in DevSecOps.   Apiiro establishes an ongoing understanding of the ins and outs of applications and software supply chains, and how the attack surface changes over...2023-05-1731 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #29 - Tackling the biggest problem affecting code … dependency lifecycle managementAs it turns out, managing Open Source Software (OSS) dependencies is extremely difficult.  Not all vulnerabilities are in runtime and/or reachable, not all exploits focus on high/critical CVSS, there is a time delay with patches when they are made available, and Semantic Versioning (SerVer) can make prioritization challenging when thinking through backward compatibility, upgrade paths, version pinning in supply chain, etc.Though estimates vary based on source, some 80% of deployed code is now OSS with 95% of vulnerabilities taking place in transitive dependencies.  What’s more, when looking at the Census II report () approximately 50% of all pack...2023-05-0227 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #28 - A discussion of data cloud economies and security, with Navindra YadavData platforms are evolving, allowing data clouds to connect with consumers and producers of data that may be external or internal to your organization.  Sharing with upstream/downstream partners in this data economy presents significant challenges to protecting data.  Join us as we discuss this economy and the security implications, with Navindra Yadav, CEO & Co-Founder of Theom.2023-04-2426 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #27 - Promoting Open Standards Observability at a massive scaleNobody understands observability at scale quite like Chronosphere co-founders Martin Mao (CEO) and Rob Skillington (CTO).  While at Uber they created, and open-sourced, the M3 metrics engine, which was capable of handling billions of data points that describe the most complex environments.  Then, in 2019, they founded Chronosphere which is now valued at over a billion dollars.Chronosphere focuses on capabilities that help Product Teams work more efficiently to manage their applications.  The company’s trace metrics help developers and SREs create a single metric that represents all or part of their business logic call flow, such that visib...2023-04-0338 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #26 - An Insider Threat Platform that Protects Individual PrivacyWhen considering an Insider Risk Management (IRM) program a confluence of events complicates effective execution, including a general increase in financial hardship due to the current economic climate, an increasingly remote corporate workforce, steady growth in the gig economy, privacy concerns regarding individual liberties, and negative perceptions of organizations developing a 'surveilling’ presence.  Insider threat is inherently a human challenge that must look beyond the traditional focus on cyber-only components - to also include human, organizational, and physical approaches & sensors.  DTEX Systems operates in this space, providing significant thought leadership and even forming a Public-Private Partnership (PPP) with...2023-03-2734 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #25 - Helping Defenders focus on exceptions by offloading day-to-day, with StrikeReadyThe annual Cybersecurity Workforce Study conducted by (ISC)² modeled the existing talent shortage as 3.4 million professionals in 2022, up 26% from their 2021 study.   The purchasing of a multitude of security products to offset skill gaps can fall short as operators struggle to adapt processes and extract value from toolchains that may or may not be flexible in handling an evolving threat landscape.  Many available security automation products require an operator to construct, deconstruct, and reconstruct a set of playbooks that include a number of static decision blocks, which are clearly not optimized for ad-hoc or potentially ex-ante scenarios.   I...2023-03-2640 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #24 - Unifying Security Technology and Human Intelligence with SynackDisrupting traditional security testing approaches is where Synack specializes. They have long recognized that to thwart attacks in modern adversarial campaigns requires a maximal combined talent of human and AI-powered intelligence.  Through the gamification and use of crowdsourced expertise across verifiable exercises, Synack leverages its Synack Red Team (SRT), a global network of ethical hackers, to identify and address vulnerabilities across an ever-evolving attack surface.  This crowdsourced team of highly skilled and heavily vetted ethical hackers represents one of Synack's key differentiators.  Traditional security assessments and audits provide point-in-time insights into an enterprise's security posture whi...2023-03-0829 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #23 - Cyber Defense Services Forged from the Front LinesAt its core, BlueVoyant offers MDR and managed SIEM services for Splunk and Microsoft Sentinel, though they also provide EDR services, 24/7 security monitoring, alert investigations & incident response, forensics & litigation support, attacker simulation & penetration testing, supply chain defense, dark web investigations, compliance services, vulnerability assessments and remediation, and professional services.  In this episode, we are joined by Matthew Gonter, Global Technical Solutions Architect - Splunk | Cribl where we talk about the myriad of security problems BlueVoyant sees in the industry and how they enable customers to outsource key security functions while addressing the cybersecurity skills gap to improve o...2023-02-1925 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #22 - Operating at the nexus of Observability & Security dataCribl provides a real-time data stream management platform for MELT data that enables organizations to gain insights and take action on data in place (right at the source), data at rest (already stored in a data lake), and eventually data in motion (transitioning an observability pipeline).  Back in May 2022 Clint and the C021 team signaled that they would be turning search on its head, and in Nov '22 they did just that.  We can now say goodbye to the swivel-chair searching which has become a rate limiter to value realization and start to unlock our observability and security data.  2023-01-3030 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #21 - Automating continuous Classifying, Modeling, & Auditing of data actions with TheomWe at Ink8r have long been advocates for calibrating protection against threat modeling exercises to properly align protection for assets.  When it comes to securing production resources in the cloud this often means extending beyond Cloud Security Posture Management (CSPM) and including Data Security Posture Management (DSPM), among other capabilities, to properly address threats.   With Theom we find not only a complete data security solution but also a platform that has truly thought through what the enterprise practically requires.  Join us as we speak with Navindra Yadav, serial entrepreneur & inventor, and Co-Founder & CEO of Theom as we...2022-11-0636 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #20 - Making Connectivity to Business Resources Impossibly Simple2022-10-1744 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #19 - Constructing a versatile SSDLC pipeline that can simply do moreHow many pipelines does my organization need?  What pipeline construction patterns are most acceptable to my developers?  What intelligence should I inject into the pipeline?  Nick Durkin, Field CTO & VP of Field Engineering from Harness answers these and more.  Join us in this episode as we unpack some philosophical areas of SSDLC architecture, while diving into the Harness portfolio to see how they continue to innovate in topics such as Chaos Engineering, Feature Flag Management, Security, Intelligent Testing, Cloud Cost Management (more than just visibility), Service Reliability, and more.  The pipeline underpins the SSDLC process, ensuring not only...2022-10-1146 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #18 - To truly understand the pervasive use of SaaS in your enterprise, turn to SSCPEnterprises rely on dozens to hundreds of Software-as-a-Service (SaaS) applications, both sanctioned and unsanctioned, for their workloads, data, and processes.  This attack surface requires SaaS Security Posture Management (SSPM) to protect the enterprise, but how do enterprises truly discover all of the SaaS apps in use (particularly those unsanctioned SaaS apps)?Traditionally enterprises have relied on CASB solutions, API-integrated solutions, SSO-integrated solutions, and/or web proxies to try and discover the breadth of SaaS use, but these can be off by an order of magnitude from true usage in an environment.  This is where a SaaS Security Co...2022-09-2137 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #16 - Harmonizing your AppSecOps ProgramApplication delivery velocity is driving a need to bolster an organization's existing software security posture.   One fundamental aspect in fortifying an AppSec strategy is to leverage the API’s of existing application portfolio management solutions, code repositories, open source code scanning, static code scanning, credential scanning, image scanning, and various dynamic application security test tools, to create a composite risk profile for each asset along with prioritization, tracking, and automated SLA management across the Secure Software Development Lifecycle (S-SDLC).  This allows us to move beyond what is often construed as an obsession with defects, to achieve a degree of harm...2022-08-0747 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #15 - Reimagining Observability and making it viableWe heard a great quote at RESOLVE'22 this year which said, "customers pay for up time and companies pay for downtime".  A rather adroit quote, and one that truly captures the Sisyphean challenge of ensuring applications are performant in the way we expect.  When it comes to the Herculean task (wow - two mythological references in one opener!) of making modern observability viable, there stands Cribl, the leader in Observability Pipelines and a true disruptor of the domain.  Cribl has launched several products that enable practitioners by focusing on data value at the edge, in the stream, and in a c...2022-07-0239 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #13 - Running MELT through analytics at the edgeThere is always tremendous value in decreasing latency in any decision-making process, particularly when we are dealing with stream processing in support of system and application observability.  By running Metrics, Events, Logs, and Trace (MELT) data through an analytics algorithm at time of creation, on the very devices emitting the signals, organizations can set parameters on what information is worth sending to an observability platform, and what information is not.In this episode, we speak with Zachary Quiring, Director of Product at Edge Delta regarding how they view observability and how distributed queries are the most economical a...2022-06-3046 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #14 - Enabling Collaborative IaC with specialized CICDMany, if not most, organizations operate as polyglots - polyglot environments, polyglot programming languages, polyglot persistence, and so on.   Infrastructure-as-Code (IaC) automation is no exception to this complexity with organizations often supporting polyglot IaC CICD tooling.  Teams introduce this variability to achieve specific ends as some frameworks are great for one task but not another, so working with multiple platforms/frameworks enables developers to use the right tool for the job. In this podcast episode, we speak with Co-Founder and Chief Product Officer of Spacelift, Marcin Wyszynski.  Together we discuss how Spacelift can cull the digital Tower of B...2022-06-3034 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #17 - An Observability breakout session from Resolve '22, with the Ink8r TeamSatbir and Darren were interviewed in a breakout session at Resolve '22, a BigPanda-organized community event.  It was a wonderful opportunity for the Ink8r team to share thoughts on the domain of Observability, as directed by Aaron Johnson (BigPanda SE).  Join us in this episode as we cover topics such as the consequences of not starting a journey, key measurements to get started, finding your guiding star and staying a path, and our thoughts on the role and importance of open standards.  2022-06-0244 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #12 - Using AI to baseline good behavior to block malicious emailSocial engineering attacks such as Business Email Compromise (BEC), supply chain fraud, executive impersonation, and ransomware, are complex vectors that readily evade solutions that rely on conventional threat intelligence and known bad indicators.  Modern attacks frequently bypass secure email gateways as they may come from trusted sources and do not contain malicious links or attachments.Abnormal Security provides a fundamentally different approach to email attacks by continuously baselining known good behavior by leveraging identity, behavior, and content to detect and remediate anomalies.  Join us on this podcast as we speak with Abnormal Security's CISO, Mike Britton - a...2022-05-2934 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #10 - Cloud-native security with a rules-optional intelligence platformLacework has a patented platform, Polygraph Data Platform, which ingests data, analyzes behavior, and detects anomalies across an organization’s multi-cloud environment.  Lacework continuously monitors user, app, process, and network behavior, as well as continuously evaluating vulnerabilities and cloud configurations.  They use an agent and agentless approach to collect information to uncover unusual activity that could indicate compromise and prioritize responses.  Join us in this podcast as we speak with Mark Nunnikhoven, Distinguished Cloud Strategist, regarding how Lacework identifies and traces new or anomalous activity correlated across cloud accounts including regions, users, principals, CSP services, API calls, and A...2022-05-2942 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #11 - Building data security into DevOps infrastructureIn the modern enterprise data spans multiple cloud providers, regions, databases, object stores, and data lakes.  Users, developers, supply-chain vendors, and contractors all access data via multiple roles and applications.  In a truly dynamic environment where developers instantiate instances, organizations need to be able to visualize how data flows, who is accessing that data, and how that data is being used, all in real-time.  In this episode, we speak with Martijn Loderus, VP of Solutions Engineering & Delivery, of Symmetry Systems on how they are taking a data-centric approach to enable organizations to map, secure, and...2022-05-2933 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #8 - Build trust in your software with the leader in AppSecSynopsys is a leader in Gartner’s Magic Quadrant for Application Security Testing (AST) for the 6th straight year.  Their portfolio is among the most comprehensive in the market, supplementing the foundational aspects of AST with an acquired portfolio of award-winning products including SAST, DAST, IAST, and SCA - with advanced capabilities such as protocol fuzzing and API protection.  Join us as we speak with Tim Mackay, Principal Security Strategist with Synopsys’ Cybersecurity Research Center, as we discuss how Synopsys represents an evolution of traditional application security, through integration of capabilities in risk management that automates and accele...2022-05-1547 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #7 - Protecting API business logic & vulnerabilities with Cequence SecurityCequence Security understands API attack surfaces, protecting upwards of 6 billion API transactions on any given day.  In this podcast episode, we speak with Vince Bryant, Senior Director of Business Development of Cequence Security.  In an age characterized by velocity in execution, Cequence will be the first to state that, "digital transformation from the inside looks pretty messy".  In assessments, Cequence frequently discovers that the API attack surface is usually 2x what an organization believes is in use.  From inventory discovery and risk assessment to behavior analysis with sensitive data exposure protection and business logic abuse protection - Cequence's single-pass arch...2022-05-1538 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #6 - Moving Beyond Observability with Aaron JohnsonAs we begin emitting more signals from more endpoints in servitude of more complex transactions, it becomes clear that being observable isn't enough.  Join us as we talk with Aaron Johnson (AJ), BigPanda as we explore the nature of correlation as a key component to ensuring services perform as intended.   AJ has deep practitioner/leadership experience at companies performing correlation at scale and we thoroughly enjoyed his pragmatic views.  We hope you enjoy it as well!2022-05-1347 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #5 - At the intersection of Observability and SecurityIt’s in their DNA - sysdig (lower case ’s’) started as an open source troubleshooting tool, and the company has maintained that commitment to community.  They donated Falco to CNCF as an incubating project with contributors that include AWS, Google, Microsoft, Cisco, and VMware, they leverage projects such as CloudCustodian in their cloud posture capability, and provide PromQL support for deep analysis.  In this episode, we validate Sysdig’s tagline of ‘dig deeper’ with Alex Lawrence, Principal Security Architect. Please enjoy as Alex discusses Sysdig’s product portfolio, which allows practitioners to manage IaC, and vulnerabilities in CI/CD and reg...2022-04-3044 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #4 - Why Proactive API Security is Today's ImperativeAPIs have become the largest abuse vector with even the most sophisticated development organizations falling prey to exposure.   This episode of the podcast discusses the landscape and where organizations can begin securing their interfaces with Matt Tesauro, Distinguished Engineer at Noname Security providing pragmatic advice.2022-04-1145 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode #2 - Observability with DatadogIn this episode, we speak with Marc Weisman, VP of Product Management, Platform at Datadog.  Marc has spent the last 6+ years with Datadog, defining and expanding their platform at a pace of almost one feature per day.   Marc provides a perspective on observability, how it fits in the enterprise, and some practical implementation guidance.2022-02-0242 minInk8r (in·​cu·​ba·​tor) PodcastInk8r (in·​cu·​ba·​tor) PodcastEpisode#1 - TrailerA brief introduction to the Ink8r Podcast intention and scope2021-12-3000 min