DevOps Chat

Anshu Agarwal has a tremendous record of working in startups that had successful exits. Now for the first time, along with her co-founders, she is actually founding the startup herself. Nimbella is a serverless platform that is cloud agnostic and makes developing and deploying applications easy. Whether in a public cloud, private data center or both, Nimbella can help. In this chat we speak with Anshu about her own personal journey and where Nimbella is and what the plans are for going forward

Christopher O'Malley is one of the leading voices in the DevOps for Mainframe community. He is relentless in advocating how the mainframe platform can not just exist, but thrive in todays agile/DevOps environments. His evangelism not only keeps his company Compuware front and center in the mainframe DevOps discussion, but really lifts the entire market. In this chat we catch up with Chris to talk about the latest release of Topaz, what are the latest trends in the mainframe market and what we can expect in the near short term. Chris is always a great interview with lots to say and this interview is right on point.

In this DevOps Chat we speak with Manish Gupta, CEO co-founder of ShiftLeft. ShiftLeft is one of the up and coming DevSecOps companies. As evidence of such, they were recently chosen as one of the 10 finalists for this years #RSAC innovation Sandbox award. I have known Manish for many years in the security industry and it does not surprise me that he is once again at the top of a company that is setting the mark in the industry. As DevSecOps continues to mature we are seeing solutions that help at different points of the software pipeline. Some solutions are shifting far left and helping developers at the point of development and committing code. Other solutions are squarely aimed at the old Ops team. Almost a DevSec and a SecOps bifurcation. I am not sure that this is a great thing, I would like to see a more holistic solution, but I do believe the market will correct this. ShiftLeft could be one of those companies who is on top at the end of the day.

They say if you live long enough . . . Few things give me greater pleasure than seeing my friends well earned success. Rich Mogull and Mike Rothman (along with Adrian Lane, Jody Brazil & Brandy Peterson) have been chasing a dream for more than a few years now. How to make the SecOps persons life easier, while bringing security into the age of DevOps, automation, agile, CI/CD, etc. Say hello to DisruptOps (http://www.disruptops.com). I first interviewed Mike about DisruptOps a few months ago. The company was just emerging from stealth. While they are still in preview, they were one of hundreds of companies that threw their hat into the ring for the prestigious RSAC Innovation Sandbox. Very proud to report that they were one of 10 finalists selected for this years program. If history is any guide, the fact they made the final cut is a good indicator of success to come. And well it should frankly. This founding team are some of the most dynamic, talented and smartest people I know in the business. I had a chance to sit down with Rich Mogull and Mike Rothman to discuss what is driving DisruptOps and what the disruption is all about. Have a listen as we talk about it from the executive view, the security admin view and the market view. Also be sure to check out DisruptOps at DevOps Connect: DevSecOps Days at RSAC, Monday, March 4th. https://www.devopsconnect.com/event/devops-connect-devsecops-days-rsac-2019/ Rich is also on a panel at the event as well as several other sessions at RSAC this year. Enjoy!

The RSA Conference is just a month away. Once again RSAC promises to be the place where the world gathers around security. With upwards of 50,000 people attending, it is big by anyone's standard. If you haven't already registered, here is a code for $100 dollars off a full conference pass (all sessions), 1U9DEVOPSFD or get a free expo pass, 1U9DEVOPSXP DevSecOps will be center stage this year, literally. Shannon Lietz, the found of DevSecOps.org will be keynoting as well as leading a week long track on DevSecOps. Appearing with Shannon, is another leader of the DevSecOps community, James Wickett. James is the founder of the Rugged DevOps movement and a key member of the Signal Science team. Both James and Shannon are our guests in this DevOps Chat. Part 1 of this chat where with just Shannon is also available. In addition to the DevSecOps track all week, there is also the 5th annual DevOps Connect: DevSecOps Days on Monday, March 4th at Moscone, as part of RSAC. www.devopsconnect.com/event/devops-c…ays-rsac-2019/ www.devsecopsdays.com/2019-devsecops…s-sanfrancisco

The RSA Conference is just a month away. Once again RSAC promises to be the place where the world gathers around security. With upwards of 50,000 people attending, it is big by anyone's standard. If you haven't already registered, here is a code for $100 dollars off a full conference pass (all sessions), 1U9DEVOPSFD a free expo pass, 1U9DEVOPSXP DevSecOps will be center stage this year, literally. Shannon Lietz, the found of DevSecOps.org will be keynoting as well as leading a week long track on DevSecOps. Shannon is our guest in this DevOps Chat. Part 2 of this chat where we are joined by Rugged DevOps founder, James Wickett will follow this chat next. In addition to the DevSecOps track, there is also the 5th annual DevOps Connect: DevSecOps Days on Monday, March 4th at Moscone, as part of RSAC. https://www.devopsconnect.com/event/devops-connect-devsecops-days-rsac-2019/ https://www.devsecopsdays.com/2019-devsecopsdays-sanfrancisco

Tyler Shields is someone who has made the leap from technical security expert to business leader. At Veracode, CA and now Sonatype, Tyler is someone who can clearly enunciate the path forward for business leaders on what they should be doing in regard to DevSecOps, open source security and minimally viable security. Tyler gets it and you can learn a lot from him. Have a listen and enjoy

What exactly is a chief scientist? Eric Sheridan at WhiteHat tells us. More than that, Eric gives us what he calls the "the security addendum to the 12 factor App." I guess to understand this, you need to understand something about the 12 factor app process. Here is the website to learn: https://12factor.net/ Eric lays out a well reasoned approach to appsec and some good research findings from WhiteHat. Have a listen

In this DevOps Chat we speak with nClouds CEO JT Giri about the challenges SMBs face when moving to the cloud. As an AWS premier partner, nClouds specializes in helping these companies achieve a successful cloud migration. So why should SMBs migrate to the cloud? What are their challenges? How can they succeed? JT shares with us his insight, honed from helping dozens and dozens of SMBs do this successfully.

In this DevOps chat we speak with our old friend Tim Woods, VP of technology alliances at Firemon. Firemon's mission has moved beyond the management of the firewall to managing your security. Recent acquisitions have enabled them to offer comprehensive security management across the entire hybrid environment. Tim and I discuss the current state of technology and what large enterprises are looking for their hybrid environments. Great conversation!

Scaling your testing is the scourge of many software teams. While test automation and continuous testing have made great strides, it is still hard to automate every QA test. Also engineering resources who can script these tests are hard to find. Enter Rainforest. Rainforest has a unique crowdsourcing solution to continuous testing. It combines crowdsourcing talent with automation to deliver a high level of quality assurance on a continuous basis. In this chat we spoke with CIO Derek Choy as he explains to us why Rainforest in some ways can be the Uber of QA.

Two megatrends for 2019 and beyond is scale and automation. The identity management space is a perfect example. Between all of the IP enabled devices (machines) coming on line, the billions of people and their identities, managing these billions and billions takes systems that will redefine scale and almost by definition have to be automated. Enter Forgerock. They are a leader in managed identities for both consumer brands, IoT devices and more. We spoke with Peter Barker, their VP of product about the challenges to scaling at this level and how important identity management is.

In this DevOps Chat we look at some exciting new technology from a company called MissingLink. Yosi Tauguri is their CEO, founder and he is the guest on this DevOps Chat. Missinglink is part of the Samsung X product development team. Their mission is to use ai to help data engineers with deep learning problems that can transform organizations abilities to meet and exceed today's customers expectations. Really interesting stuff here.

Managing your machines identities is as or even more important than managing your personal identities. And with the explosion in the amount of machines thanks to IoT, containers, serverless and more their numbers are in the 10s of billions or more. That is a big job and someone has to do it. That is why Venafi just security a $100 million dollar round of funding. We caught up with Venafi CEO Jeff Hudson to talk about how big and important a job it is to manage these billions and billions of machines (sorry for the Carl Sagan, but its true). Venafi has been doing this for 7 years and have learned a thing or two along the way. Listen in as Jeff educates us on this very important mission.

James Wickett is the man to go to for DevSecOps. The founder of the Rugged DevOps movement which has merged into the DevSecOps group, James is one of the most knowledgeable people on the subject of DevSecOps. In this DevOps Chat James shares his views on what is on the horizon for DevSecOps and what are the most important things we can do to make our teams more secure. Have a listen as James gives us his take. Also look for the video of this interview on DevOps.com

Unravel is making a name in the AIOps, APM and big data markets. We chat with Unravel CEO Kunal Agarwal in this DevOps Chat about what makes Unravel a must have for its customers. We also take a sneak peek ahead to what the near and not so near future holds for big data, AIOps and the tech scene in general. Great listen.

Portshift brings a new identity-based application security model from code to runtime. Cloud or on prem, Portshift works. In this chat we speak with CEO Ran Ilany and VP Business Ops Eran Grabiner about what is unique to the Portshift solution and why you should consider it for your own application security. Especially for your DevOps teams.

SauceLabs has unveiled its new headless browser testing capability which will allow for automated and continuous testing to perform even faster. I sat down with Lubos Parobek, VP of Product at Sauce to discuss what drove this development and how it can help DevOps teams be even more efficient with their testing.

Managing Macs, iPhones, iPads and other Apple devices at scale is not something really native to iOS or OSX. Enter Fleetsmith. In sort of a Puppet meets Apple, the Fleetsmith team automates configuration, management and security of your Apple devices. In this chat we sit down with Fleetsmith co-founder, CEO Zack Blum and company advisor, Puppet co-founder, Luke Kanies to discuss the mission and challenge in managing your Apple devices.

While everyone wants to focus on building a new app, the fact is there are many, many apps already out there. They need to be maintained, updated and modernized. How do you upgrade these legacy apps to new infrastructure, frameworks, languages, etc? App Modernization is a thing. In this DevOps Chat we speak with Matt Tarnawsky of IBM about App Modernization and Service Virtualization, testing and more.

It seems every organization is chasing digital transformation. Some companies are succeeding, some are wallowing a bit, trying to figure out how to do it. Box is a company that is both successfully navigating digital transformation, as well as a catalyst for digital transformation at other organizations. In this DevOps Chat we speak with Paul Chapman, CIO of Box about these topics and he gives us his own take on what the environment is like for companies and what they should do to thrive today. Great conversation, enjoy!

RSA Conference is where the world comes to meet Security. For the last 14 years, the Innovation Sandbox Contest was where you could find out what the up and coming companies in security were up to. This year RSAC is doing something else in addition. The Launch Pad is where to come to if you have a great idea. You can pitch to VCs, the community and your peers - get great feedback. https://www.rsaconference.com/events/us19/agenda/rsac-launch-pad In this chat we speak with Cecilia Marinier of RSAC about Sandbox, Launch Pad and so much more that is RSAC. Listen to the chat, go to RSAC and enjoy.

Digicert a leader in the digital certificate world recently conducted a survey on the use and security around Internet of Things (IoT). In this DevOps Chat we spoke with Mike Nelson, VP of IoT Security at Digicert. Mike explains the results of the survey as well as what are the key things that the top tier companies are doing that sets them apart. You can get the full results of the survey and report at https://www.digicert.com/state-of-iot-security-survey/

In just a little over 3 years Aqua Security has set their mark in the container security space. With their major new release of Aqua 3.5 they have again raised the bar with Serverless and Container Encryption upgrades and feature sets. I sat down with the Aqua Enforcer himself, Rani Osnat and "Boston" Andy Feit to discuss the details of this major release. Rani and Andy give us an inside peek.

As the old saying goes, "speed kills". When it comes to development, a lack of speed can kill too. Marko Anastasov and the Semaphore team have always strived to make Semaphore the fastest CI tool in the market. With version 2.0 of Semaphore they believe they truly are. Marko brings a unique perspective as a developer to leading the Semaphore team. He knows what he and his colleagues like and that is the roadmap for Semaphore. Have a listen to Marko tell us in his own words.

Chris Eng has been shepherding the State of Software Security for a long time now. This new volume 9 of the survey is one of the best. I had a chance to sit down with Chris and discuss some of the highlights and interesting findings in this years report. Don't miss this chat and be sure to download the report from the Veracode site.

Dale Vecchio has tens of years in the mainframe business. 18 or so of those years was with Gartner covering the mainframe beat. Dale is now with LzLabs. They recently conducted a survey with Microsoft On mainframe use: https://info.lzlabs.com/lzlabs-microsoft-mainframe-modernization-survey-2018 The results may or may not surprise you depending on your views on mainframes. It seems that a very high majority of mainframe users would like to ditch their mainframes if they could. There are some other interesting results here as well. Of course LzLabs offers software as mainframe and Microsoft is not exactly known as a mainframe powerhouse. So I guess "take it with a a grain of salt" applies. What do you think? Can we scale out in the cloud without scaling up as we do in mainframes or can we do it all in the cloud?

Evan Kaplan, CEO of Influx Data is someone who knows his way around the technology world. In a lifetime of experience that has seen him found and manage several successful companies from start up to public entities, Evan has had a great track record of success. Influx Data is yet another success for Kaplan. Building on the open source InfluxDB they boast over 200,000 users of Influx today. I sat down with Evan to discuss Systems instrumentation today and what big data and velocity means for developers and everyone up the stack. It is a very different world from just 15 or 20 years ago. Listen in as Evan gives us his insight.

It is really my pleasure to present this episode of DevOps Chat. I have known Mike Rothman for 15 years or so. He and his partners in DisruptOps, Rich Mogull, Adrian Lane, Jody Brazil and Brandy Peterson have been some of the sharpest guys in the information security world for a long time. I knew they were working on a DevSecOps startup but I couldn't say anything. Well know the cat is out of the bag and I am happy to give you this conversation with Mike, who is President of DisruptOps. This is a company to watch with real ideas and experience behind it. Have a listen to our conversation and check them out at http://disruptops.com

Toby Corbin is a team lead on IBM's Microclimate Developer Experience tribe. Part of what he does is performance analysis for developers utilizing Cloud Private for the application environments. As such he has a unique relationship and perspective with what developers, as well as DevOps teams are experiencing and what they are striving for in terms of microservices and infrastructure, etc.. We had a good chat with Toby on some of this in this episode. You can find out more about IBM's Microclimate at https://www.ibm.com/in-en/marketplace/microclimate

Gil Sever and Applitools are pioneering a new segment in the AI market, Visual AI. Originally used as part of their testing and monitoring solution, Applitools believes that visual AI will become an entire segment with the AI space. When it does, Applitools will be the leader in it. Great vision from the CEO. Right now Applitools is doing a great job with visual testing and monitoring. We check in with Gil and get the latest.

In this DevOps Chat we sit down with Rani Osnat and Andy Feit of Aqua Security to discuss what is happening in the container security market. The entire container space is of course exploding with this year's North American KubeCon in Seattle shaping up to be a blockbuster event (https://events.linuxfoundation.org/events/kubecon-cloudnativecon-north-america-2018/) Aqua along with AWS and Red Hat are putting on the KubeSec Enterprise Summit on the Monday of KubeCon and if container security is on your radar (and if its not, why not?) don't miss this one.

October 17, 2018 starting at 3am New York time, AllDayDevOps is back. With over 124 speakers/sessions, there is virtually (no pun intended) something for everyone. We caught up with Derek Weeks and Mark Miller, the founders of AllDayDevOps to see what's new and what has them excited. Great stuff going on here and you can be part of it by registering now http://alldaydevops.com

Mark Curphey has been a leader in the security space for many years. He recently joined Veracode and is helping to shape the strategy there. He has some great thoughts on the future of DevSecOps and AppSec. In this interview we speak with Mark about his vision and thoughts on the future of DevSecOps

It was announced yesterday (https://www.prnewswire.com/news-releases/clearlake-capital-backed-perforce-software-to-acquire-perfecto-mobile-300726603.html) that Perforce has acquired Perfecto Mobile. Perfecto is one of the leading players in the mobile app testing space. Perforce originally was a version control solution, but with 5 acquisitions recently is branching out into a broader DevOps solution company. I sat down with the CEOs of Perfecto and Perforce to discuss the reasoning behind the merger, as well as the broader DevOps market trends that are at play here. Great conversation, have a listen!

Zohar Alon is a pioneer in cloud security having started Dome9 after leaving a distinguished stint at Checkpoint. Dome9 has seen the advent of DevSecOps influence the Cloud Security space (or maybe it is the other way around). I have known Zohar for years and he is always an interesting interview. This podcast is no exception. Good stuff from the Zohar!

Listeners to DevOps Chat are not strangers to JFrog. We recently spoke with CEO, co-founder, Shlomi Ben Haim about their acquisition of Trainologic. But today we are happy to announce that Shlomi and team have announced a series D round of capital total a whopping $165m dollars! This may be the biggest raise in the DevOps market to date. We speak with Shlomi about how this came about and what are JFrog's plans now that it is fully funded. Also what does this mean for the industry in light of other recent news around capital raises. Congrats to Shlomi and the entire JFrog team.

Pete Cheslock has appeared on DevOps Chat as his career has spanned several leading DevOps enabled companies. It seems that where there is DevOps, there is Pete Cheslock. Pete has joined Chaos Search as VP of product. Pete tells us why he joined and what excites him about Chaos Search and DevOps.

The Accelerate State of DevOps Report(https://cloudplatformonline.com/2018-state-of-devops.html) has become the go to source for the definitive word on DevOps adoption and metrics. Building on 6 years of research with sound academic process, the State of DevOps reports are peer review class research into the state of DevOps. We sit down with DORA co-founder and well known DevOps author and practitioner, Jez Humble to discuss this years report and its key findings.

A few months back Tricentis merged with QASymphony to create a large player in the continuous testing space. This interview with Tricentis CEO Sandeep Johri originally ran(https://devops.com/tricentis-acquires-qasymphony-the-age-of-continuous-testing-is-upon-us/) on DevOps.com. You can hear it now on Soundcloud and elsewhere as just a podcast.

Yesterday JFrog announced it had acquired Trainologic. I sat down with Trainologic CEO Gal Marder, who is now Jfrog's VP of DevOps Services and Jfrog's CEO and co-founder, Shlomi Ben Haim. Shlomi and Gla give us the reasons behind the acquisition and what the plan is for rolling DevOps professional services as part of the Jfrog bundle of offerings. With so many companies adopting DevOps, the need for pro services to help them is a big need. Jfrog hopes to capitalize on this by creating pro serve commando units. You can find out more here: https://jfrog.com/about/jfrog-acquires-trainologic-to-fortify-platform-expansion-with-enterprise-devops-services/

Container adoption has gone mainstream. It seems everyone is moving to a Kubernetes/Docker model. Part and parcel with that is the challenge of how do we secure these environments. There are many companies that claim to offer container security solutions, but many of them have "container washed" their existing solutions. There are few "container native" security companies. StackRox is one of these companies. In this chat we speak with Ali Golsha, CEO of StackRox.

The security of open source components have been in the spotlight especially since the Equifax breach last year. In this DevOps Chat we speak with WhiteSource Software co-founder Azi Cohen about the challenges that DevOps and DevSecOps teams are facing in trying to keep their applications secure. A big part of this is making sure your open source components are up to date and secure. This is where WhiteSource Software plays. Azi had some great insights on this subject

Eric Minick, CD and Continuous Testing Program Director at IBM talks to us about Day 2 of DevOps and beyond. Eric is always a great guest on DevOps Chat and this episode is no exception. Lots of really good information here.

In this chat we sat down with Ben Bernstein, CEO of Twistlock. Twistlock just announced another round of venture capital funding, as well as continued progress in customer adoption and new features. Bernstein also shared with us his views on container security and what the market is looking for.

Shift Left. You have heard the term but what does it mean? In this chat we sit down with Chetan Conikee, founder & CTO of ShiftLeft to discuss what we mean by ShiftLeft. Also about how we can take lessons learned in DevOps to make AppSec and security better. Great conversation with someone who understands the issue.

There were several incident management vendors who were "DevOps native" in the market. But with the maturity of the DevOps movement and the adoption of DevOps by organizations large and small, larger more established incident management firms have taken their own lessons in adopting DevOps to tailor their solutions for DevOps. Everbridge is one of those companies. A public company, Everbridge is bringing their best in class solution to the DevOps market. I spoke with Prashant Darisi, VP of Products there about this and more. Have a listen.

CircleCI was born as a cloud native SaaS based CI solution. Since then they have also released an "on prem" solution and today offers a full CI/CD solution. We chat with Rob Zuber, CTO at CircleCI and veteran of the tech space with four startups under his belt. Rob gave us some great insight into the market, I am sure you will find interesting.

SignalFX is a company hitting its stride by providing a quality solution to large enterprises. The company recently announced a new round of capital with a $45m raise. We chat with CEO Karthik Rau about what this means for the future of the company and what it means for the modern applications that we are seeing deployed today.

RoelBob creator and futurist Bob Reselman talks about what the future may hold for you and your career in light of automation. In the bigger picture what does this really mean for you, your children and society in general? Bob gives us his thoughts in this chat