Podcasts about devsecops

In this episode of Resilient Cyber, I sit down with Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, to unpack what application security looks like as AI moves from copilot to autonomous teammate across the software development lifecycle.We dive into:

Unlock how AI is revolutionizing cybersecurity...and what you must do now to stay protected. If you're a security professional, CTO, or business leader navigating a world where vulnerabilities evolve in seconds and AI accelerates both innovation and threat, this episode is your essential playbook. Venu Koyyada, CEO of Strobes Security, shares deep insights from his decade of experience in exposure management and offensive security. He reveals how the latest AI advancements...like scalable agents that automate vulnerability prioritization and validation...are transforming the security landscape. From the dramatic shifts in attack surfaces to the skyrocketing costs of AI-powered cyber threats, this conversation uncovers the urgent challenges...and opportunities...that define our digital future.You'll discover: The real impact of continuous threat exposure management (CTEM) and how it's changing the way companies defend themselves How AI agents are automating vulnerability detection, prioritization, and even patching—cutting down weeks to hours The hidden risks of AI-driven tools being exploited by bad actors with minimal skills Why traditional security approaches are no longer enough in a hyperconnected, AI-enabled world The economic and environmental implications of AI-powered computing demand...and innovative solutions like ocean-based data centers This episode is perfect for cybersecurity leaders, DevSecOps teams, and anyone serious about understanding the next frontier of digital defense. Fail to adapt, and you risk being overwhelmed by the increasing sophistication and speed of cyberattacks. Embrace these insights, and position your organization at the forefront of proactive security innovation.Venu Rao is CEO and co-founder of Strobes Security, a pioneer in AI-driven continuous exposure management. With over a decade in cybersecurity, he helps organizations stay ahead of evolving threats by harnessing AI to build smarter, more dynamic defense strategies.If you're ready to turn security from a ticking clock into a strategic advantage, this episode will boost your knowledge and ignite your action plan. Stay prepared—because in cybersecurity, the next breach may already be in progress.

Starting an AI company is all about spotting a real problem and using AI to solve it in a smarter, faster way than what's out there today. It's less about having the perfect idea and more about starting focused, learning fast, and building something people actually want.This week, Dave, Esmee, and Rob are joined by Gijs van de Nieuwegiessen and Tijn van Daelen, founders of One Horizon AI, to explore what it really takes to start and build an AI‑native company TLDR00:32 – Introduction00:55 – Hang out: Why Dutch names can be a real tongue-twister02:00 – Dig in: Exploring how an AI-native culture fits with human-to-human interaction13:35 – Deep dive with Gijs van de Nieuwegiessen and Tijn van Daelen1:01:54 – Following AI: Bloopers, reflections, and field hockey with the kids GuestGijs van de Nieuwegiessen: https://www.linkedin.com/in/nieuwegiessen/Tijn van Daelen: https://www.linkedin.com/in/tijn-van-daelen-495986131/Open source repo: https://github.com/onehorizonai/ink HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Este episódio aborda os principais desafios em segurança de aplicações, incluindo a cultura organizacional, o alinhamento entre times de desenvolvimento e segurança, e o papel de líderes na transformação dessa cultura. Os convidados compartilham suas experiências na Nova 8 e reflexões sobre como empresas podem evoluir na gestão de vulnerabilidades e segurança de software.Tópicos que conversamos:A dinâmica entre times de segurança (APSEC) e desenvolvimento, e a evolução nas relações de trabalhoOs maiores desafios na adoção de ferramentas de AppSec no ambiente de clientesA importância do planejamento, priorização e cultura na gestão de vulnerabilidadesComo o aculturamento impacta a maturidade da segurança na organizaçãoOs papéis de "médico" e "pai" na gestão de vulnerabilidades e processos de segurançaA influência do alinhamento de do papel de lideranças de segurança e entendimento das metas organizacionaisComo lidar com ruídos e falsos positivos dos scanners de vulnerabilidadesA relação entre cultura, processos, e eficácia na implementação de segurança contínuaBecome a supporter of this podcast: https://www.spreaker.com/podcast/devsecops-podcast--4179006/support.Apoio: Nova8, Snyk, Conviso, Gold Security, Digitalwolk e PurpleBird Security.

Synopsis Cette semaine, un épisode spécial commandité par GitGuardian avec leur fondateur et CEO Eric Fourrier qui se joint à Patrick, Steve et Francis depuis New York. On déroule le rapport annuel State of Secrets Sprawl et le constat est brutal : le nombre de secrets exposés sur GitHub explose, et l'IA n'arrange rien. Les utilisateurs de coding agents leakent deux fois plus de secrets que les développeurs traditionnels, et une nouvelle catégorie de “vibe codeurs” sans formation sécurité produit du code rempli de clés API directement dans les fichiers de config. Eric détaille la nouvelle économie d'attaque où voler des secrets est devenu l'objectif #1 : que ce soit via du phishing, du social engineering ou des compromissions supply chain comme Shai-Hulud, LiteLLM ou l'attaque récente sur NX, tout converge vers le même but. Les machines des développeurs sont devenues la cible privilégiée parce qu'elles concentrent à la fois les accès, les secrets et maintenant les coding agents connectés à tout (GitHub, Jira, CRM, bases de données) via MCP et autres intégrations. La conversation s'attaque ensuite au cas Axios et à la méthode des Nord-Coréens qui exploitent l'ingénierie sociale pour piéger les mainteneurs de packages open source — un faux call de business, un faux fichier joint, et c'est tout l'écosystème en aval qui se retrouve compromis. Patrick et Steve ramènent le débat sur la réalité des PME québécoises qui ne savent même pas où sont leurs secrets, et encore moins comment gérer un vault. L'épisode se termine sur une réflexion essentielle : la sécurité n'est pas une valeur absolue, c'est un trade-off. Les approches les plus parfaites sont souvent celles qui découragent les équipes et finissent par ne jamais être implémentées. Eric annonce aussi la récente levée de fonds de 50 M$ de GitGuardian et leur recrutement actif. Crew Patrick Mathieu Steve Waterhouse Francis Coats Eric Fourrier - Fondateur et CEO de GitGuardian Liens et ressources Eric Fourrier / GitGuardian GitGuardian - site officiel Rapport State of Secrets Sprawl 2026 Rapport State of Secrets Sprawl 2025 Levée de fonds Série C - 50M$ GitGuardian Careers Attaques supply chain mentionnées Shai-Hulud npm worm LiteLLM compromise Compromission Axios via mainteneur Concepts abordés MCP - Model Context Protocol Principe du moindre privilège Shamelessplug Join Discord securite.fm Hackfest 2026 - Québec iHack 2026 Crédits Montage audio par Hackfest Communication Locaux virtuels par Streamyard Épisode commandité par GitGuardian

Open Source is giving AI a real boost, making it easier and faster for organisations to build and experiment with new ideas. As adoption grows, these open ecosystems are helping businesses move quicker, stay flexible, and unlock value with more confidence.This week, Dave, Esmee, and Rob are joined by Richard Harmon, VP & Global Head of Financial Services at Red Hat to explore how Open Source is shaping AI, from mainframes to Kubernetes, and from regulation and sovereignty to a future of AI agents writing code. TLDR00:25 – Introduction00:52 – Hangout: Deep democracy training and “what instrument are you?”03:19 – Dig in: Open‑source culture and AI, do they complement each other?10:02 – Conversation with Richard Harmon51:12 – Sitting in the chair and trying to keep up with AI GuestRichard Harmon: https://www.linkedin.com/in/richardlaurenharmon/ HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

A maioria dos programas de AppSec está afogada em findings, dashboards, scanners, CVEs, SLAs e relatórios que ninguém aguenta mais ler. O problema não é falta de ferramenta. O problema é falta de contexto, correlação e inteligência para entender o que realmente importa. Neste episódio, eu apresento o M.A.R.I.A., o Management Application Risk Integrated Analysis, uma plataforma criada para atuar como uma camada de inteligência de risco em Segurança de Aplicações. O M.A.R.I.A. não nasceu para ser mais um scanner. Ele nasceu para responder perguntas que ferramentas tradicionais normalmente ignoram: qual aplicação está realmente em risco? Qual vulnerabilidade merece atenção agora? Qual time precisa de ajuda? Qual mudança aumentou o risco do ambiente? A proposta é simples e ambiciosa: conectar dados de SAST, DAST, SCA, IaC, Secret Scan, pipelines, repositórios, contexto de negócio e exposição real para transformar ruído em decisão. Porque no fim do dia, AppSec não deveria ser uma fábrica de tickets. Deveria ser um sistema de priorização inteligente para proteger o que importa. Neste episódio, falo sobre:Por que scanners sozinhos não resolvem AppSecO problema real por trás do excesso de vulnerabilidadesA diferença entre dashboard, ASPM e inteligência de riscoComo o M.A.R.I.A. pretende correlacionar contexto técnico e contexto de negócioOnde entram risco, exposição, criticidade, SLA, dívida de segurança e Security ChampionsPor que AppSec precisa sair do modo “lista de problemas” e entrar no modo “tomada de decisão”Um episódio para quem está cansado de medir segurança por quantidade de findings e quer começar a discutir risco de verdade.Become a supporter of this podcast: https://www.spreaker.com/podcast/devsecops-podcast--4179006/support.Apoio: Nova8, Snyk, Conviso, Gold Security, Digitalwolk e PurpleBird Security.

The SaaSpocalypse marks the end of traditional CRM with manual data entry, rigid interfaces, and seat‑based software no longer make sense in an AI‑driven world. Success now depends on outcome‑focused plumbing: intelligent orchestration that delivers results, not screens.This week, Dave, Esmee, and Rob are joined by Hannah Datz, Americas Vice President of CRM at ServiceNow, to unpack the major announcements from ServiceNow Knowledge 2026 in Las Vegas and explore how AI is accelerating the SaaSpocalypse and driving a fundamental shift in the future of CRM. TLDR00:34 – Introduction 00:54 – Hang out: Happy Password Day and emerging threats 06:46 – Conversation with Hannah Datz 57:20 – From tennis excitement to the best burger ever GuestHannah Datz: https://www.linkedin.com/in/hannahdatz/ HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

What changed between episode 1 and episode 100, and what stayed surprisingly constant? The hosts revisit infrastructure as code, observability, incident response, secrets, compliance, and supply chain security through the lens of six years of conversations. It is part retrospective, part editorial reset for what the next 100 episodes should focus on.  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

This episode is made possible by GitGuardian. Jeff speaks with Dwayne McDaniel, Principal Developer Advocate at GitGuardian, about secrets sprawl, non-human identity governance, and the findings of the State of Secret Sprawl 2026 report. With 28.6 million secrets leaked to public GitHub in 2025 - a 34% year-over-year increase - they explore why hardcoded credentials persist, how agentic AI tools are making the problem worse, and what IAM practitioners can do to start addressing machine identity governance. Topics include GitGuardian's Good Samaritan notification program, the growing NHI inventory challenge, SPIFFE and SPIRE as a path to zero standing privilege, and data showing Claude Code co-authored commits are more than twice as likely to contain leaked secrets. Visit gitguardian.com/lps/idac to learn more.Connect with Dwayne: https://www.linkedin.com/in/dwaynemcdaniel/Dwayne's website: https://dwayne-mcdaniel.com/Learn more about GitGuardian: https://www.gitguardian.com/lps/idacGitGuardian Good Samaritan Program (free) - https://www.gitguardian.com/good-samaritanThe State of Secrets Sprawl 2026: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026SPIFFE Book: https://spiffe.io/book/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comTIMESTAMPS:00:00 Introduction and sponsor welcome00:48 Dwayne's background and path to developer advocacy04:11 Surprises from entering the identity and security space06:29 What a principal developer advocate actually does09:32 Why secrets became Dwayne's focus area14:10 GitGuardian: overview and mission19:36 Where secrets commonly leak across the SDLC22:17 The Good Samaritan notification program explained28:00 Why 70% of leaked secrets from 2022 were still valid in 202533:54 State of Secret Sprawl 2026: the year software changed40:39 AI coding tools, Claude Code, and secrets leakage data47:28 Practical questions for IAM practitioners to start asking52:24 Zero standing privilege and the case for SPIFFE/SPIRE01:00:00 Resources: the SPIFFE book, WIMSE, and AWS STS01:02:51 Hot sauce, the Cubs, and closing thoughtsKEYWORDS:secrets sprawl, hardcoded secrets, non-human identity, NHI governance, GitGuardian, SPIFFE, SPIRE, workload identity, DevSecOps, agentic AI, Claude Code, zero standing privilege, supply chain security, credential abuse, identity and access management, IAM, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dwayne McDaniel

#349: Every platform you already own is about to have AI baked into it. Not next year. This year. That is Ben Wilcox's blunt prediction, and Ben is the CTO and CISO at ProArch, so when he says shadow AI is going to make shadow IT look quaint, it is worth slowing down to figure out what that actually means. The data leaves your stack through tools you already paid for, through features the vendor shipped without asking, through copilot agents nobody filed a ticket for. Here is the uncomfortable part. This is not a new problem. It is the exact same retroactive-security failure pattern that broke DevSecOps, just with higher stakes and a faster clock. A pen test done six months ago is already obsolete because the app added AI in the meantime. Models get deprecated on seven-month windows while frameworks still get years of support. The whole "we will deal with it at the end" approach that worked badly for cloud and worked worse for containers is going to be catastrophic for AI. The fix is older than the problem. Landing zones. Well-architected frameworks. A storage account that already has the right policy. An API gateway already in front of the API. The developer should not be picking from twenty checkboxes to figure out which combination is secure -- that decision should already be made before the ticket lands. Stop forcing developers onto the security team. Stop running security reviews while the head developer sweats through his shirt right before release. Build the foundation up front and let the developer deploy into it. Then the harder question. The leaders making these calls today are the same engineers who lived through every prior cycle of this exact pain. Why are they letting another generation eat it again? Viktor's answer is one line: "It's my time now, baby." Ben does not disagree. PE pressure, VC timelines, race-to-market everything -- the budget exists, the tools exist, the patterns exist. What is missing is the will to invest two weeks up front so the last two months do not turn into panic. Ben's practical advice for any leader dipping a toe in: do not do it alone, inventory everything, talk to sales and finance and the developers, and assume the conversation you are having today will be obsolete in six months.   Ben's contact information: LinkedIn: https://www.linkedin.com/in/ben-wilcox/   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

This episode of Tech Transforms features Dave Raley, Chief Digital Business Officer at Marine Corps Community Services, unpacking Operation Stormbreaker, the Marine Corps' cloud-native software factory and platform as a service. He explains how it slashes deployment timelines from 18 months to about 15 minutes per build by combining shared infrastructure, DevSecOps pipelines, and continuous authorization, helping federal mission owners and vendors securely deliver new capabilities faster.

Todo mundo fala de DevSecOps. Todo mundo fala de IA. Mas quase ninguém conectou os pontos do jeito certo ainda. Neste episódio, a gente entra em um território que está começando a separar quem só usa ferramenta de quem realmente entende o jogo: SpecOps com IA. E não, isso não é sobre mais um YAML bonito ou documentação que ninguém lê. É sobre transformar especificações em algo vivo. Algo que define o sistema antes do código existir… e impede que ele saia da linha depois. A conversa passa por:por que “finding-based security” já não escala maiscomo a IA pode validar intenção, não só códigoo conflito direto entre vibe coding e governança realcomo specs podem virar enforcement automático no pipelinee o que muda quando segurança deixa de ser checklist e vira contratoA gente também traz isso para o mundo real:como integrar isso com pipelines atuaisonde ferramentas como SAST e SCA entram (e onde deixam de ser suficientes)e como esse modelo pode evoluir para algo muito mais próximo de risk-driven securitySe você ainda está medindo segurança só por quantidade de vulnerabilidades, esse episódio vai te incomodar. Do jeito certo.Become a supporter of this podcast: https://www.spreaker.com/podcast/devsecops-podcast--4179006/support.Apoio: Nova8, Snyk, Conviso, Gold Security, Digitalwolk e PurpleBird Security.

Podcast: Exploited: The Cyber Truth Episode: Trust at Machine Speed: AI, DevSecOps, and Zero Trust in National Security SoftwarePub date: 2026-04-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationArtificial intelligence is moving faster than the policies, security controls, and acquisition processes designed to govern it—especially in national security environments where preventing failure is mission-critical. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Nicolas Chaillan, the host of In the Nic of Time and Former DAF CSO, to examine a central question: how do you build trust in systems that operate, adapt, and make decisions at machine speed? Drawing on his experience deploying DevSecOps across the Department of Defense and building large-scale AI platforms, Chaillan offers a direct perspective on what's working, what isn't, and where organizations are falling behind. Together, they explore: Why multi-model AI strategies are critical to avoid lock-in and improve outcomesHow AI is accelerating software development, testing, and security workflowsWhere policy and governance are lagging behind technical realityThe risks of restricting access to critical AI capabilitiesWhat zero trust looks like in systems driven by automation and AI From defense systems to software pipelines, this episode examines what it takes to move fast without losing control—and what leaders need to understand as AI becomes embedded across the mission stack.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In the Elixir Wizards season 15 premiere, host Charles Suggs is joined by Holden Oullette, Senior Security Software Engineer at Netflix and maintainer of Sobelow, to talk about how security is evolving in the Elixir ecosystem. We discuss how certain features of the Elixir programming language (like functional patterns and server-side rendering) provide natural immunity against some common vulnerabilities, and what that means as the language continues to grow. Holden shares how tools like Sobelow are adapting and how new technologies like LLMs and Elixir's type system may help to strengthen security practices. We cover supply chain risks, ecosystem-level responsibility and reputation management, and how initiatives like AEGIS are prepping the community for more widespread adoption. We wrap with practical tips for teams to be more security-minded throughout the software development lifecycle without slowing everything down. Key topics discussed in this episode: How Elixir's design influences secure-by-default development Security tradeoffs between server-side and client-heavy architecture Supply chain risks and what the ecosystem is doing to prepare Static analysis with tools like Sobelow and AST-based pattern matching Where LLMs fit into modern security workflows The role of Elixir's upcoming type system in improving tooling Securing CI/CD pipelines and production environments Balancing development speed with security requirements Dependency management and vulnerability monitoring The AEGIS Initiative and ecosystem-wide security efforts Links mentioned: Holden's GitHub https://github.com/houllette Elixir Programming Language https://elixir-lang.org/ Security-focused static analysis for the Phoenix Framework https://github.com/nccgroup/sobelow Code Security for Builders https://semgrep.dev/ Erlang Ecosystems Foundation https://erlef.org/ Phoenix Framework https://www.phoenixframework.org/ WebSockets https://hexdocs.pm/phoenix_live_view/Phoenix.LiveView.Socket.html https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API Open Worldwide Application Security Project https://owasp.org/ https://github.com/elixir-ecto/ecto Log4j Vulnerability https://www.ncsc.gov.uk/information/log4j-vulnerability-what-everyone-needs-to-know React2Shell Vulnerability https://www.finra.org/guidance/guidance/cybersecurity-advisory-react2shell The Heartbleed Bug https://www.heartbleed.com/ Elixir Type System https://hexdocs.pm/elixir/main/gradual-set-theoretic-types.html Holden Oullette “Securing the Future: A Roadmap to Making Elixir the Safest Language” ElixirConf 2024 https://youtu.be/gpvKxS6sY8Y Aegis Initiative: Supply Chain Security & Compliance Initiative https://security.erlef.org/aegis/ OIDC Tokens https://openid.net/ Anthropic's Claude Mythos & Cybersecurity https://red.anthropic.com/2026/mythos-preview/ Igniter Code Generation Framework https://github.com/ash-project/igniter https://smartlogic.io/podcast/elixir-wizards/s13-e01-igniter-code-generation-zach-daniel/ Secure-by-default open source software https://www.chainguard.dev/ https://www.docker.com/ https://github.com/dependabot https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/apis-apiid-models.html https://nixos.org/ https://smartlogic.io/podcast/elixir-wizards/s14-e08-nix-for-elixir-apps/ https://fedoraproject.org/ https://kubernetes.io/ https://netflix.github.io/chaosmonkey/ https://netflixtechblog.com/all?topic=chaos-monkeySpecial Guest: Holden Oullette.

AI is only as strong as the data beneath it, and as it moves into the core of the enterprise, fragmented, duplicated, and poorly governed data is no longer hidden in the background, it's amplified, exposed, and impossible to ignore.This week, Dave, Esmee, and Rob are joined by Edward Calvesbert, VP Product Management for IBM watsonx AI & Data Platform, to dig into the foundations of enterprise AI, from data silos and the SaaSpocalypse to lakehouse architectures and agent‑driven workflows. TLDR00:17 – Introduction 00:55 – Dig in: The big data unlock for AI14:02 – Conversation with Edward Calvesbert57:58 – Hiking Mount Rainier near Seattle GuestEdward Calvesbert: https://www.linkedin.com/in/ecalvesbert/ HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Send us Fan MailKen and Mike are back in the AI trenches, this time unpacking the hype, fear, and practical security implications surrounding Anthropic's Mythos preview. As the industry reacts to claims around AI-driven vulnerability discovery and exploit generation, the hosts ask a more important question: are we actually ready to fix what we already know is broken?The conversation cuts through the zero-day panic and focuses on the fundamentals that still matter: patching, hardening, reducing attack surface, validating AI-generated code, and keeping deterministic security checks in place. From supply chain attacks and GitHub Actions misconfigurations to agentic development workflows and the future of CI/CD, Ken and Mike explore where AI may genuinely change the threat landscape and where security teams are still fighting the same old battles.If your organization is rushing to build faster with AI, this episode is a reminder to also use it to build better.

On April 22, 2026, the Bitwarden CLI, used in CI/CD pipelines at tens of thousands of organizations, was weaponized for exactly 93 minutes. In this episode, Darnley walks through the anatomy of the supply chain attack that compromised bitwarden cli version 2026.4.0: how the threat group exploited a compromised Checkmarx GitHub Action to inject credential-stealing malware into Bitwarden's npm publishing pipeline, what the worm actually stole, how it self-propagated by republishing victims own npm packages, and why the fact that "no vault data was compromised" misses the point...Packed with practical technical guidance on pipeline hardening, package pinning, least-privilege, and the one npm setting that could have blocked this attack entirely...this episode is essential listening for developers, IT security teams, and anyone responsible for a software supply chain who need to hear it. Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.

Send us Fan MailIn Episode 87 of Application Paranoia, Colin Bell is joined by Rob Cuddy and Kris Duer to unpack the industry's growing push toward security platform consolidation.Are customers really asking for fewer tools, or are vendors shaping the narrative? Is consolidation improving security outcomes, or simply making complexity easier to explain to executives, boards, and auditors?The team also discusses AI-generated code, customer questions from the field, SAST analysis choices, data flow, false positives, and Kris's take on AI fear-based marketing.Plus: NPC streaming, Second Life hacking nostalgia, golf season, proactive SCA monitoring, and a quick preview of Colin and Kris's upcoming webinar on AI-assisted development.Webinar: Join Colin and Kris on 6 May for a discussion on how AI is changing how code gets written, trusted, validated, and approved. Register here: https://www.linkedin.com/events/7449460461881704448/

Las Vegas, you're officially on the record during Google Cloud Next 2026. The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas.This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond.Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones. Dave, Rachel, and Rob close out their conversation with Cliff Krimmel, Head of Customer Engineering for Banking at Google Cloud, diving into the changing stack and the rise of the agentic development platform. TLDR00:32 – Day 3 kicks off01:25 – Hang out: Travel-ready tips05:18 – Dig in: The Agentic Data Cloud09:00 – Conversation with Cliff Krimmel32:05 – Closing with burgers & hotdogs GuestCliff Krimmel: https://www.linkedin.com/in/ckrimmel/ HostsDave Chapman:   https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:   https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:   https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:   https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:   https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:    https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Las Vegas, you're officially on the record during Google Cloud Next 2026. The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas.This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond.Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones. Dave, Rachel, and Rob discusse the highlights of Google Cloud Next 2026! TLDR00:24 – Introduction01:14 – Hang out: Progress from Google Cloud Next 2025 to Google Cloud Next 202608:15 – Dig in: Executive overview of this year's key themes31:38 – Closing remarksHostsDave Chapman:   https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:   https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:   https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:   https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:   https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:    https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Las Vegas, you're officially on the record during Google Cloud Next 2026. The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas.This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond.Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones. Dave, Rachel, and Rob continue their conversation with Khulan Davaajav, Product Marketing Manager, Generative Media Models at Google about the rise of creative AI and how it's redefining human expression in the age of intelligent tools. TLDR00:24 – Day 2 on it's way!00:40 – Hangout: Producer distracted and Rob's red eye03:31 – Highlights: Roving reporter's media related announcements07:16 – Conversation with Khulan Davaajav34:24– Mongolian BBQ GuestKhulan Davaajav: https://www.linkedin.com/in/khulandav/ HostsDave Chapman:   https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:   https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:   https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:   https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:   https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:    https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Las Vegas, you're officially on the record during Google Cloud Next 2026. The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas.This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond.Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones. Dave, Rachel, and Rob continue their conversation with Gina Fratarcangeli, Managing Director and NA GSI Leader, exploring how partners are redefining their role, from funding models and board‑level conversations to shaping the agentic enterprise blueprint. TLDR00:24 – Day 2 kicks off!00:40 – Hangout: impressions from GCN '26 at the Mandalay Bay Convention Center and Dave denting his stuff05:26 – Dig in: What announcements our roving reporter spotted09:54 – Conversation with Gina Fratarcangeli32:41 – Texas brisket on paper BBQ GuestGina Fratarcangeli: https://www.linkedin.com/in/gina-fratarcangeli/ HostsDave Chapman:   https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:   https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:   https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:   https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:   https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:    https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Las Vegas, you're officially on the record during Google Cloud Next 2026.The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas. This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond. Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones.Dave, Rachel, and Rob kick off the event with Mark Steel, Director of Retail Industry, EMEA at Google Cloud, diving into the rise of Agentic Commerce and how AI agents are redefining the relationship between brands, retailers, and consumers.TLDR00:24 – Guest introduction and this week's key themes00:52 – Hangout: new podcast equipment and roving reporter Rachel Belmonte05:52 – Dig in: what to expect from Google's announcements11:41 – Conversation with Mark Steel39:10 – Favourite BBQ picks GuestMark Steel: https://www.linkedin.com/in/marksteel220/ HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Las Vegas, you're officially on the record during Google Cloud Next 2026. The #RealitiesRemixed podcast team is back at GCN'26, recording live from the Strip, where bright lights collide with big ideas.This week, we're swapping roulette wheels for real talk, hosting live conversations with Google leaders who are redefining what's next across AI‑first enterprise transformation, agentic AI, data, sovereignty, security, and beyond.Expect sharp insights, bold opinions, and future‑shaping conversations, delivered straight from Las Vegas to your headphones. Dave, Rachel, and Rob continue the conversation with Dominic Cody, Global Director of Technology, Distributed Cloud, about the Sovereign Edge and reclaiming control in the age of Agentic AI. TLDR00:24 – Guest introduction and this week's key themes00:40 – Hangout: AI on the Expo floor and roving reporter Rachel Belmonte01:24– Dig in: what to expect from Google's announcements05:36– Conversation with Dominic Cody31:28 – Favourite BBQ picks GuestDominic Cody: https://www.linkedin.com/in/dominiccody/ HostsDave Chapman:   https://www.linkedin.com/in/chapmandr/Rachel Belmonte:  https://www.linkedin.com/in/rachel-belmonte-63550358/Rob Kernahan:   https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:   https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:   https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:   https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:    https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Realities Remixed, formerly know as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.As AI accelerates the shift from networks to ecosystems, organisations face a growing tension between fast‑moving technology and slower, socially driven organisational change. Success in the “Never Normal” will depend less on intelligence itself and more on leadership qualities, judgement, narrative, trust, and the ability to create space for corporate explorers to build the Day After Tomorrow, not just optimise today.This week, Dave, Esmee, and Rob are joined by Peter Hinssen, keynote speaker, author and lecturer and co-founder of nexxworks to explore how leaders navigating through rapid change, focused on transforming uncertainty into opportunities for growth and innovation.. TLDR00:41 – Guest introduction and overview of this week's theme 01:02 – Hangout: Episode 200! 06:25 – Dig in: Deep dive into the pace of change 14:17 – Conversation with Peter Hinssen on adaptive organisations and leadership styles 55:10 – Continuing the conversation about Tech 1:11:20 – Travel to Taiwan, Silicon Valley, and China GuestPeter Hinssen: https://www.linkedin.com/in/phinssen/https://www.peterhinssen.com HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

In an era where technological progress reshapes power, security, and prosperity at unprecedented speed, societies face a defining choice: adapt incrementally or reinvent boldly. How can breakthrough and disruptive technologies enable strategic leapfrogging, transforming long‑term ambition into real‑world impact amid a rapidly shifting global landscape.This week, Dave, Esmee, and Rob are joined by Andre Loesekrug-Pietri, Chair and the Scientific Director of the Joint European Disruptive Initiative (JEDI, the European ARPA), to explore the ambition behind and what it would take for Europe to stop reacting to technological change and start shaping it. TLDR00:30 – Guest introduction and overview of this week's conversation01:35 – Team Dig in: Is Europe falling behind on competitiveness?13:52 – Conversation with Andre Loesekrug-Pietri1:00:19 – Traveling to Japan with the French president GuestAndre Loeskrug-Petri: https://www.linkedin.com/in/andrepietri/X: @eurojediwww.jedi.foundationHostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Today, Armada is opening its first Galleon Experience Center in Washington, DC.A live environment showcasing what it actually takes to run AI at the edge—bringing together ruggedized infrastructure, cloud, and secure software deployment. With 2F Frontier as part of the stack, extending DevSecOps to disconnected, real-world environments.And with Offset 2026 right around the corner, it felt like the right time to revisit a timely conversation from last year.On the Offset stage, Tyler Sweatt, Pradeep Nair (Armada), Leigh Madden (Microsoft), and Korie Seville (DISA) got into:The gap between data and decision at the edgeWhat breaks between connectivity, compute, and deploymentWhy speed to mission still comes down to authorization And if you want to be part of where this is going next, register for Offset 2026.______From oil platforms to special‑ops posts, cloud infrastructures are now being deployed in environments they weren't initially designed for. This panel explores how customized edge architectures and commercial integrations orchestrate distributed services and securely manage intermittent connectivity. All while addressing ongoing challenges in latency, interoperability, and standardization to deliver resilient, mission‑critical private clouds.Connect with the speakers:Tyler SweattPradeep NairLeigh MaddenKorie Seville

Michael Irwin of Docker joins me to run through Gordon AI improvements, Docker Hardened Images and what's now free, Docker Sandboxes for running agents in proper isolation, Model Runner updates including MLX support on Mac, MCP Toolkit dynamic discovery, and the newly renamed Docker Agent with its GitHub Action for automating PR reviews and docs checks.Check out the video podcast version here: https://youtu.be/dTF3b36Bq6w

Realities Remixed, formerly known as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.One of the most fundamental challenges in modern computing is the growing hardware–software mismatch. As Moore's Law slows and performance gains no longer come “for free,” software built on Turing‑era, sequential assumptions struggles to keep pace with today's highly parallel, heterogeneous hardware. That disconnect is now a central constraint on innovation.This week, Dave, Esmee, and Rob are joined by Peter Richards, advisor and AJ Guillon, founder of YetiWare, to explore why this mismatch persists, what it means for organizations today, and how emerging approaches may redefine the relationship between software and hardware in the years ahead. TLDR00:35 – Introduction01:04 – Hang out: How deep can we go, and what is the history of the compute era?07:00 – Dig in: The power demands of LLMs, data centers, scale, size and potato chips15:35 – Conversation with Peter Richards and AJ Guillon55:31 – Spring cleanup with a chainsaw and cycling GuestPeter Richards: https://www.linkedin.com/in/peter-richards-3b99688/AJ Guillon: https://www.linkedin.com/in/ajguillon/ HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Send us Fan MailIs AI making application security obsolete, or exposing new risks we don't fully understand?In Episode 86 of Application Paranoia, Colin Bell is joined by Rob Cuddy and Kris Duer to challenge the growing narrative driven in part by Anthropic that AI-powered development could replace traditional AppSec.The team explores whether AI is accelerating productivity at the expense of understanding, and what that means for developers, security teams, and organisations trying to keep pace.They also discuss: Whether AI is changing how we think (and learn)  The risks of “vibe coding” and over-reliance on LLMs  Why AppSec isn't disappearin but evolving  Key findings from the latest AppSec trends report, including AI adoption, API visibility gaps, and ownership challenges And of course, a new term is born: confidence laundering.

Realities Remixed, formerly known as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.In a world defined by constant change, leaders must evolve from rigid hierarchies to emotionally intelligent, empowering leadership. By fostering adaptability, continuous learning, distributed leadership, and a culture of curiosity, organisations become better equipped to navigate technological disruptions, such as AI, with resilience and innovation.This week, Dave, Esmee, and Rob are joined by Jana Werner and Phil Le-Brun, Executives in Residence at AWS to explore what it really takes for organisations to thrive in a world of continuous transformation, and why rigid hierarchies, control, and over-designed change programmes so often get in the way.  TLDR00:42 – Guest introduction and overview of this week's theme01:26 – Team dig-in: A new cycle of change is on it's way19:27 – In‑depth conversation with Jana and Phil57:37 – Octopus playlist and case study highlights GuestJana Werner: https://www.linkedin.com/in/janawerner1/Phil Le-Brun: https://www.linkedin.com/in/phillebrun/https://www.theoctopusorganization.com/ A Guide to Thriving in a World of Continuous Transformation HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Bret is joined by the founders of Plakar - Julien Mangeard and Gilles Chehade - to nerd out over backup engineering. The kind where you're building your own file formats and cryptographic layers, not just wiring up cron jobs. We get into how Plakar deduplicates and encrypts at the source so your cloud provider never sees your keys. Also, their snapshot model has no chain dependencies, which means you can delete any backup without breaking the others. We had a fun hour of backup horror stories, ransomware pragmatism, where I'm lobbying hard for a Docker volume integration.Check out the video podcast version here: https://youtu.be/OPRK5osKQHI

Realities Remixed, formerly known as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.Technology and AI are rapidly transforming marketing, challenging old assumptions and shifting the focus toward analytics‑driven precision, smarter segmentation, and multimodal content. As attention becomes harder to capture and creative workflows evolve, the real advantage lies in adapting for an AI‑first environment, especially by rethinking overlooked segments like the mid‑market and being far more specific in strategy and execution. This week, Dave, Esmee, and Rob are joined by Carlos Corredor, founder and CEO of Condor, to discuss the difference between value metrics and vanity metrics in modern marketing and why many organisations still struggle to connect marketing activity to real business results. TLDR00:32 – Introduction00:59 – Hang out: Staying healthy06:10 – Dig in: The valuable to measure with metrics17:52 – Conversation with Carlos Corredor47:15 – Looking ahead to the World Cup football GuestCarlos Corredor: https://www.linkedin.com/in/carlos-corredor-condor/HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Send a textKen and Mike are back from the grave to kick off 2026 with a timely debate on the AI panic cycle hitting software and security. They dig into the biggest questions flying around the industry right now: Is AI taking developer and security jobs? Is SaaS dying? Is software engineering being replaced by vibe coding and agents? From maker-checker workflows and token costs to AI-generated bugs, false positives, and attackers using autonomous tooling to move faster, this episode cuts through the hype from both the doomer and evangelist camps. The conclusion: software isn't dead, security definitely isn't solved, and the teams that adapt their craft instead of abandoning it will be the ones that keep up.

Realities Remixed, formerly know as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.After years of remote‑first work built on swift trust, companies are asking a harder question: what does a organization really stand for when people rarely show up together? As AI accelerates change, leaders are rethinking presence, team design, and collaboration to fuel trust, innovation, and growth. This week, Dave, Esmee, and Rob are joined by Dr. Tim Currie, disruptor, author, innovator, and advisor, to examine transformation versus trust, the role of AI, and whether organisations can truly build culture without deeper human connection. TLDR00:42– Introduction01:10 –  Hang out: New film releases07:17 – Dig in: The trust gap in remote work17:57 – Conversation with Dr. Tim Currie54:07 – The Wizard of Oz at the Sphere in Las Vegas and staying connected GuestDr. Tim Currie: https://www.linkedin.com/in/dr-tim-currie-37756a/Book Swift Trust: https://swifttrustbook.com/HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Realities Remixed, formerly know as Cloud Realities, launches a new season exploring the intersection of people, culture, industry and tech.Business messaging is transforming customer engagement by enabling brands to move conversations into familiar, always‑on messaging platforms. The result for customers is greater convenience, quicker resolutions, and more meaningful, personalized interactions. This week, Dave, Esmee, and Rob are joined by Kathleen Tandy, Global Director and Head of Business Messaging Marketing and WhatsApp for Business at Meta , to explore how companies are using messaging platforms to engage customers, what customers expect from these experiences, and the challenges of scaling messaging in tech.TLDR00:35 – Introduction01:00 –  Hang out: The new Remarkable05:25 – Dig in: Using messaging to enhance customer experiences20:49 – Conversation with Kathleen Tandy55:26 – The passion for college football and championship weekend!GuestKathleen Tandy: https://www.linkedin.com/in/kptandy/HostsDave Chapman: https://www.linkedin.com/in/chapmandr/Esmee van de Giessen: https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan: https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg: https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman: https://www.linkedin.com/in/chapmandr/ SoundBen Corbett: https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:  https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

Andrey and Mattias share a fast re:Invent roundup focused on AWS security. What do VPC Encryption Controls, post-quantum TLS, and org-level S3 block public access change for you? Which features should you switch on now, like ECR image signing, JWT checks at ALB, and air-gapped AWS Backup? Want simple wins you can use today?  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

Container base images (like Official Docker Hub images) are often updated without new tag versions. I call this Silent Rebuilds. There's no way to know this happens without image digest-checking automation like Dependabot and Renovate with specific settings. Failure to keep up-to-date is a prime source of vulnerabilities that can lead to serious security breaches. Automate the updates!Check out the video podcast version here: https://youtu.be/z_ahbsSc4Fo

Realities Remixed, formerly know as Cloud Realities, launches a new season exploring the intersection of people, culture, industry, and tech. Energy transportation is a deeply local business, safely delivering gas and electricity, more and more from renewable sources, directly to the communities it serves. Technology and AI help make that possible by strengthening safety, bringing companies closer to customers, and enabling teams to build the future together. This week, Dave, Esmee, and Rob are joined by John Koerwer, CIO of UGI Corporation, to explore explore why “the business” and tech still struggle to speak the same language, nd what helps close the gap.TLDR00:35 – Introduction01:17 – Hang out: new toys and coffee07:55 – Dig in: the business - tech divide21:07 – Conversation with John Koerwer59:40 – The amazing AI technology in The Sphere's version of The Wizard of OzGuestJohn Koerwer: https://www.linkedin.com/in/john-koerwer-46102127/HostsDave Chapman: https://www.linkedin.com/in/chapmandr/Esmee van de Giessen: https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan: https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg: https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman: https://www.linkedin.com/in/chapmandr/ SoundBen Corbett: https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:  https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

How real-time security transforms ERP systems in a cloud-driven world, spotting threats instantly, leveraging AI for proactive defense, and closing common blind spots before breaches escalate. Curious about staying ahead of cyber risks?=====Mohammed Moidheen, SAP security architect at Infosys, unpacks why real-time monitoring is vital amid 2,200 daily cyber attacks costing trillions annually. He highlights blind spots like unmonitored access vulnerabilities, ignored audit logs, unsecured APIs, privileged accounts, insider threats, and poor event correlation in S/4HANA Cloud setups. AI evolves detection with predictive intelligence, automated responses, natural language queries, and cross-system pattern spotting, shifting from reactive to proactive security. Real-world cases show systems halting unusual data downloads and insider data exfiltration in minutes. Advice includes aligning with governance, prioritizing crown jewels, setting baselines, training teams, and correlating data. Infosys aids via assessments and foundational builds.Listen now and rethink what ERP can do for your organization!⁠⁠⁠⁠Download Episode Transcript⁠⁠⁠⁠Useful Links: ⁠SAP Cloud ERP⁠Infosys.comFollow Us on Social Media!SAP S/4HANA Cloud ERP: LinkedIn=====Guest: Mohammed Khan Moidheen, SAP Security Architect at Infosys ConsultingMohammed Khan Moidheen is a Senior SAP Security architect with over 12 years of experience securing and operating large scale SAP landscapes across global enterprises. His expertise spans SAP S/4HANA security, ERP platform services, DevSecOps enablement, and designing audit ready security architectures aligned with frameworks such as ISO 27001, NIST, and GDPR.Mohammed is CISSP and CISA certified and I excel at translating complex security requirements into actionable strategies that are practical , strategically aligned and strengthen organisational resilience.Host 1: Richard Howells, SAPRichard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.Follow Richard Howell on ⁠⁠⁠⁠LinkedIn⁠⁠⁠⁠ and ⁠⁠⁠⁠X⁠⁠⁠⁠Host 2: Oyku Ilgar, SAPOyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability.She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.Oyku's ⁠LinkedIn⁠ and ⁠SAP Community⁠=====Key Topics: real-time security, ERP monitoring, cloud threats, SAP S/4HANA, access management, audit logs, AI threat detection, insider threats, privileged accounts, predictive intelligence

https://clearmeasure.com/developers/forums/ Paul Duvall is an award‑winning author, longtime DevOps leader, and former AWS executive with more than two decades of experience in software engineering. He co‑founded Stelligent, establishing a business dedicated to enabling enterprise customers adopt DevOps and Security practices on AWS. He is the author of the book at defined CI for the world: Continuous Integration: Improving Software Quality and Reducing Risk. The book received the 2008 Jolt Award and continues to be the official textbook for continuous integration. Today, he focuses on helping engineering teams adopt AI‑native and DevSecOps practices, drawing on multiple decades of delivering and managing software solutions. Mentioned in this Episode LinkedIn Website X Account Continuous Integration  Github  AI Development Patterns Redacted Adventures  Making CI CD Invisible a Vision for Zero Touch Delivery -  Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

This week on Defender Fridays, Farshad Abasi, Founder and CEO of Forward Security and Eureka DevSecOps, discusses how AI can help us set a new standard in app and cloud security. Farshad brings over 27 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad's commitment to the field extends to his role as an instructor at BCIT, where he imparts his wealth of knowledge to the next generation of cybersecurity experts. His diverse experience, which spans startups to large enterprises, informs his approach to delivering adaptive and reliable solutions.Engaged actively in the cybersecurity community through roles in BSides Vancouver/MARS, OWASP Vancouver/AppSec PNW, and as a CISSP designate, Farshad's vision and leadership continue to drive the industry forward. Under his guidance, Forward Security is setting new standards in application and cloud security. Learn more at https://www.eurekadevsecops.com/ and https://forwardsecurity.com/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

Realities Remixed, formerly know as Cloud Realities, launches a new season exploring the intersection of people, culture, technology, and society. Hosts Dave Chapman, Esmee van de Giessen, and Rob Kernahan unpack 2026's defining trends, from AI and sovereignty to adaptability and automation, offering fresh insight, candid reflections, and forward‑looking conversations shaping the year ahead. TLDR00:20 – Introduction of Realities Remixed02:30 – Why the show evolved?04:50 – Dig in with the team: Predictions for 202606:40 – Macro trends13:00 – Sovereignty 17:40 – Agentic AI22:17 – Human–AI interaction26:06 – Cloud trends30:42 – AI scaling, domain‑specific models35:03 – Adoption lag39:34 – Physical AI43:47 – Quantum computing48:21 – Hardware acceleration50:30 – Cybersecurity52:38 – Season outlook HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini

I'm joined by Nirmal Mehta of AWS and Viktor Farcic from Upbound, to go through our 2025 year in review. We look into the AI tools that consumed us this year, from CLI agents to terminal emulators, IDEs, AI browsers - what worked, what flopped, what's worth your time and money, and what we think isn't!Check out the video podcast version here: https://youtu.be/mnagfUsh5bc

On Cloud Realities, the real insight rarely came from technology alone, it emerged at the intersection of People, Culture, Industry, and Technology. In the remix we bring back familiar voices and topics while going deeper into the wider impacts, influence, and potential of today's tech across society. The 2026 season trailer, arriving a little later than planned, opens with this renewed focus and sets the stage for Episode 1, launching on February 19. Here's a quick trailer to get you ready!TLDR00:11 The emergence of insight from Cloud Realities01:00  Where the magic happens 01:42 The real impact on People, Culture, Industry and Tech HostsDave Chapman:  https://www.linkedin.com/in/chapmandr/Esmee van de Giessen:  https://www.linkedin.com/in/esmeevandegiessen/Rob Kernahan:  https://www.linkedin.com/in/rob-kernahan/ProductionMarcel van der Burg:  https://www.linkedin.com/in/marcel-vd-burg/Dave Chapman:  https://www.linkedin.com/in/chapmandr/ SoundBen Corbett:  https://www.linkedin.com/in/ben-corbett-3b6a11135/Louis Corbett:   https://www.linkedin.com/in/louis-corbett-087250264/ 'Realities Remixed' is an original podcast from Capgemini