Artwork

Контент предоставлен Compromising Positions. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией Compromising Positions или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.
Player FM - приложение для подкастов
Работайте офлайн с приложением Player FM !

Episode 4 : CODE RED - Empowering engineers to secure our ci/cd pipelines

36:17
 
Поделиться
 

Manage episode 380228609 series 3517973
Контент предоставлен Compromising Positions. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией Compromising Positions или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.

In this episode, our guest Josh Nesbitt, CTO of Glean a Leeds EdTech startup, shares his insights on securing the data of vulnerable people, the importance of accessibility and compliance in production-ready products, and the challenges of achieving usability, functionality, and security in concert.

Join us as we debunk common misconceptions around agile and explore how security teams can be more creative in their approach. We’ll talk about how to use tooling and engagement to get engineers and security teams on the same page.

Links to everything Josh discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review and share on LinkedIin or in your teams, it really helps us spread the word and get high-quality guests, like Josh, on future episodes.

We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I a compromising position here?’

SHOW NOTES

Great blogs on how Shopify do engineering: https://shopify.engineering/

The ‘curse of knowledge’ Jeff mentioned came from our discussions with Christian Hunt - Check out his episodes here

Github Actions

Nice guide on how to get started with Linting (a tool the analyses source code to flag programming errors and bugs)

Rubocop - A Ruby static code analyser

About Josh

Josh is a software engineer and technical leader based in the UK. He’s been working on the web for the last 17 years, and during that time, he’s worked with a wide range of clients, from indie start-ups to some of the largest organisations in the world. His work spans from hands-on projects building large platforms to leading some of the best-performing teams in our industry.

Alongside his work as a consultant, he also runs an internationally recognised conference called All Day Hey!, which brings people from all over the world to the heart of Leeds to learn, inspire and share stories.

Links Related to Josh Nesbitt:

Josh on Linkedin: linkedin.com/in/josh-nesbitt

Josh at Hey! Including his amazing conference ALL DAY HEY!: https://heypresents.com/

Josh’s podcast: https://heypresents.com/podcast

  continue reading

55 эпизодов

Artwork
iconПоделиться
 
Manage episode 380228609 series 3517973
Контент предоставлен Compromising Positions. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией Compromising Positions или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.

In this episode, our guest Josh Nesbitt, CTO of Glean a Leeds EdTech startup, shares his insights on securing the data of vulnerable people, the importance of accessibility and compliance in production-ready products, and the challenges of achieving usability, functionality, and security in concert.

Join us as we debunk common misconceptions around agile and explore how security teams can be more creative in their approach. We’ll talk about how to use tooling and engagement to get engineers and security teams on the same page.

Links to everything Josh discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review and share on LinkedIin or in your teams, it really helps us spread the word and get high-quality guests, like Josh, on future episodes.

We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I a compromising position here?’

SHOW NOTES

Great blogs on how Shopify do engineering: https://shopify.engineering/

The ‘curse of knowledge’ Jeff mentioned came from our discussions with Christian Hunt - Check out his episodes here

Github Actions

Nice guide on how to get started with Linting (a tool the analyses source code to flag programming errors and bugs)

Rubocop - A Ruby static code analyser

About Josh

Josh is a software engineer and technical leader based in the UK. He’s been working on the web for the last 17 years, and during that time, he’s worked with a wide range of clients, from indie start-ups to some of the largest organisations in the world. His work spans from hands-on projects building large platforms to leading some of the best-performing teams in our industry.

Alongside his work as a consultant, he also runs an internationally recognised conference called All Day Hey!, which brings people from all over the world to the heart of Leeds to learn, inspire and share stories.

Links Related to Josh Nesbitt:

Josh on Linkedin: linkedin.com/in/josh-nesbitt

Josh at Hey! Including his amazing conference ALL DAY HEY!: https://heypresents.com/

Josh’s podcast: https://heypresents.com/podcast

  continue reading

55 эпизодов

Все серии

×
 
Loading …

Добро пожаловать в Player FM!

Player FM сканирует Интернет в поисках высококачественных подкастов, чтобы вы могли наслаждаться ими прямо сейчас. Это лучшее приложение для подкастов, которое работает на Android, iPhone и веб-странице. Зарегистрируйтесь, чтобы синхронизировать подписки на разных устройствах.

 

Краткое руководство