Kubicast #163 - DevSecOps in practice with Robson Santos

Check out the launch of episode 163 of Kubicast, where we dive headfirst into topics that are shaping the future of DevOps and DevSecOps! In this episode, we had the honor of welcoming Robson, an experienced security analyst u2013 who has worked in several areas, from network analyst to DevOps u2013 to share challenges, lessons learned, and essential recommendations for anyone working with security, containers, Kubernetes, Cloud Native, and secure development.

During the chat, we discussed how container security and DevOps culture come together to transform cloud environments. We talked about the importance of shift left, bringing security to the early stages of development, and how threat modeling can be key to identifying the critical points that need to be protected. Robson shared his experiences with certifications u2013 such as Cloud Security Engineer and others u2013 emphasizing that, to evolve in your career, you need resilience, constant updates, and good teamwork.

Another crucial point addressed was the need to integrate development and operations teams so that security is not just an extra layer, but an intrinsic part of the pipeline. We discussed the differences between SAST and DAST, and how open source tools, such as SonarQube, can help in detecting vulnerabilities and creating a more secure environment. We also talked about the importance of well-defined security policies, network segmentation, and the joint work of specialized teams u2013 from the SOC to developers u2013 to mitigate risks and ensure data integrity.

We believe that sharing knowledge is fundamental to driving digital transformation in a safe and innovative way. If you are looking for insights on security, secure development, and best practices in DevOps and Cloud Native, this episode is a must-watch!

🎧 Also listen to episode 163 of Kubicast on Spotify and get ready for another season packed with high-level content!