Artwork

Content provided by Changelog Media. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Changelog Media or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !

Shift left, seriously. (Interview)

1:28:17
 
Distribuie
 

Manage episode 397750869 series 1282967
Content provided by Changelog Media. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Changelog Media or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

This week we’re going deep on security and what it takes to shift left, seriously. Adam is joined by Justin Garrison (co-host of Ship It), plus two members of the BoxyHQ team — Deepak Prabhakara, Co-founder & CEO and Schalk Neethling, Community Manager and DevRel as well as fellow Changelog Slack member.

We discuss how to shift left, the role of the developer and the burden of security, the importance of tooling, the difference between authentication and authorization, and a mindset change for when security takes place — it’s a matter of “when” not “who.”

Leave us a comment

Changelog++ members get a bonus 10 minutes at the end of this episode and zero ads. Join today!

Sponsors:

  • Vercel – With zero configuration for over 35 frameworks, Vercel’s Frontend Cloud makes it easy for any team to deploy their apps. Today, you can get a 14-day free trial of Vercel Pro, or get a customized Enterprise demo from their team. Visit vercel.com/changelogpod to get started.
  • SynadiaTake NATS to the next level via a global, multi-cloud, multi-geo and extensible service, fully managed by Synadia. They take care of all the infrastructure, management, monitoring, and maintenance for you so you can focus on building exceptional distributed applications.
  • Read Write Own – Read, Write, Own: Building the Next Era of the Internet—a new book from entrepreneur and investor Chris Dixon—explores one possible solution to the internet’s authenticity problem: Blockchains. From AI that tracks its source material to generative programs that compensate—rather than cannibalize—creators. It’s a call to action for a more open, transparent, and democratic internet. One that opens the black box of AI, tracks the origins we see online, and much more. Order your copy of Read, Write, Own today at readwriteown.com
  • Fly.ioThe home of Changelog.com — Deploy your apps and databases close to your users. In minutes you can run your Ruby, Go, Node, Deno, Python, or Elixir app (and databases!) all over the world. No ops required. Learn more at fly.io/changelog and check out the speedrun in their docs.

Featuring:

Show Notes:

Something missing or broken? PRs welcome!

  continue reading

Capitole

1. This week on The Changelog (00:00:00)

2. Sponsor: Vercel (00:01:23)

3. Shift left! (00:04:53)

4. Shift lift, no more right? (00:07:35)

5. Too much burden on devs? (00:09:22)

6. There's too much tooling (00:14:23)

7. So, who does security? (00:18:42)

8. Secure defaults (00:21:08)

9. Auth for BoxyHQ (00:26:37)

10. Right vs wrong auth (00:29:37)

11. Sponsor: Synadia (00:33:54)

12. Security as code (00:38:13)

13. Justin's first automation (00:42:27)

14. Tooling to reconcile security (00:49:02)

16. It's when, not who. (00:56:22)

17. Minimum Viable Security Product (00:59:35)

18. I can point to the drive (01:02:22)

19. Build vs buy? (01:03:36)

20. SaaS Vs boxed software (01:07:39)

21. Can you hire for that? (01:10:28)

22. Adam loves Pipedrive (btw) (01:12:20)

23. We're not doing everything (01:13:53)

24. Why is BoxyHQ open source? (01:18:29)

25. How to be open and open to contribs? (01:21:00)

26. Digging into commits (01:22:13)

27. Gaming LOCs (01:23:23)

28. Wrapping up (01:24:07)

29. Up next (01:25:41)

744 episoade

Artwork
iconDistribuie
 
Manage episode 397750869 series 1282967
Content provided by Changelog Media. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Changelog Media or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

This week we’re going deep on security and what it takes to shift left, seriously. Adam is joined by Justin Garrison (co-host of Ship It), plus two members of the BoxyHQ team — Deepak Prabhakara, Co-founder & CEO and Schalk Neethling, Community Manager and DevRel as well as fellow Changelog Slack member.

We discuss how to shift left, the role of the developer and the burden of security, the importance of tooling, the difference between authentication and authorization, and a mindset change for when security takes place — it’s a matter of “when” not “who.”

Leave us a comment

Changelog++ members get a bonus 10 minutes at the end of this episode and zero ads. Join today!

Sponsors:

  • Vercel – With zero configuration for over 35 frameworks, Vercel’s Frontend Cloud makes it easy for any team to deploy their apps. Today, you can get a 14-day free trial of Vercel Pro, or get a customized Enterprise demo from their team. Visit vercel.com/changelogpod to get started.
  • SynadiaTake NATS to the next level via a global, multi-cloud, multi-geo and extensible service, fully managed by Synadia. They take care of all the infrastructure, management, monitoring, and maintenance for you so you can focus on building exceptional distributed applications.
  • Read Write Own – Read, Write, Own: Building the Next Era of the Internet—a new book from entrepreneur and investor Chris Dixon—explores one possible solution to the internet’s authenticity problem: Blockchains. From AI that tracks its source material to generative programs that compensate—rather than cannibalize—creators. It’s a call to action for a more open, transparent, and democratic internet. One that opens the black box of AI, tracks the origins we see online, and much more. Order your copy of Read, Write, Own today at readwriteown.com
  • Fly.ioThe home of Changelog.com — Deploy your apps and databases close to your users. In minutes you can run your Ruby, Go, Node, Deno, Python, or Elixir app (and databases!) all over the world. No ops required. Learn more at fly.io/changelog and check out the speedrun in their docs.

Featuring:

Show Notes:

Something missing or broken? PRs welcome!

  continue reading

Capitole

1. This week on The Changelog (00:00:00)

2. Sponsor: Vercel (00:01:23)

3. Shift left! (00:04:53)

4. Shift lift, no more right? (00:07:35)

5. Too much burden on devs? (00:09:22)

6. There's too much tooling (00:14:23)

7. So, who does security? (00:18:42)

8. Secure defaults (00:21:08)

9. Auth for BoxyHQ (00:26:37)

10. Right vs wrong auth (00:29:37)

11. Sponsor: Synadia (00:33:54)

12. Security as code (00:38:13)

13. Justin's first automation (00:42:27)

14. Tooling to reconcile security (00:49:02)

16. It's when, not who. (00:56:22)

17. Minimum Viable Security Product (00:59:35)

18. I can point to the drive (01:02:22)

19. Build vs buy? (01:03:36)

20. SaaS Vs boxed software (01:07:39)

21. Can you hire for that? (01:10:28)

22. Adam loves Pipedrive (btw) (01:12:20)

23. We're not doing everything (01:13:53)

24. Why is BoxyHQ open source? (01:18:29)

25. How to be open and open to contribs? (01:21:00)

26. Digging into commits (01:22:13)

27. Gaming LOCs (01:23:23)

28. Wrapping up (01:24:07)

29. Up next (01:25:41)

744 episoade

Toate episoadele

×
 
Loading …

Bun venit la Player FM!

Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.

 

Ghid rapid de referință