Free Daily Podcast Summary
The DevSecOps Talks Podcast: Daily Summaries Delivered
by Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do right technology bets, help their organizations to deliver value and last but not the least to have some fun. Tune in for talks about technology, ways of working and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :)
Latest Episodes
The most recent episodes — sign up to get AI-powered summaries of each one.
- 2 days ago56 min
#103 - European Cloud Sovereignty with Mark Shine, Pawel Piwosz and Filipe Berti
Mark Shine, Pawel Piwosz, and Filipe Berti discuss why the default choice of AWS, Azure, or GCP is no longer automatic for every team. The conversation covers cost, managed services, open source, AI workloads, and what European cloud providers can offer instead. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- 1 weeks ago51 min
#102 - The 90-Day Patch Window Is Dead With Ian Amit And Matias Madou
What happens when AI can turn patches into exploits in hours? The hosts discuss why the 90-day disclosure window is breaking, what Mythos Preview changes, and why shipping vulnerable code is becoming more expensive. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- 1 weeks ago38 min
#101 - Infrastructure as Code in 2026: Still Essential or Already Changing?
Six years after the podcast first covered infrastructure as code, what still holds up and what does not? The hosts revisit IaC through a 2026 lens: platform teams shipping secure-by-default modules, stacks becoming standard, GitOps making more sense for Kubernetes, and AI raising new questions instead of removing old ones. It is a practical look at where infra tooling is heading and what teams should stop assuming. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- May 7, 202640 min
#100 - 100 Episodes Later: What Still Matters in DevSecOps
What changed between episode 1 and episode 100, and what stayed surprisingly constant? The hosts revisit infrastructure as code, observability, incident response, secrets, compliance, and supply chain security through the lens of six years of conversations. It is part retrospective, part editorial reset for what the next 100 episodes should focus on. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- Apr 28, 202648 min
#99 - AI SRE and the End of 3 AM On-Call
Could AI handle the worst parts of incident response before you even join the call? Mattias and Paulina talk with Birol Yildiz about AI-written status updates, fast root cause analysis, and the path from read-only help to autonomous fixes. They also explore why post-mortems and documentation may be some of the best places to start. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- Apr 21, 202637 min
#98 - Beyond AI SRE
Andrey shares the thinking behind Boris and the idea of going beyond AI SRE. The conversation covers the DevOps talent shortage, the coming squeeze on AI costs, why repeatable operational tasks are a strong fit for agents, and why customer data should stay in the customer's own AWS account. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- Apr 15, 202635 min
#97 - Shift Left, Get Hacked: Supply Chain Attacks Hit Devs
March 2026 made supply chain attacks feel a lot less theoretical, but what made these incidents different? The hosts discuss compromised publishing credentials, automatic execution hooks like post-install scripts and Python `.pth` files, and how both humans and security tools caught the malicious releases. They also talk through concrete ways to make developer environments harder to abuse. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel
- Apr 1, 202648 min
#96 - Keeping Platforms Simple and Fast with Joachim Hill-Grannec
This episode with Joachim Hill-Grannec asks: How do platforms bloat, and how do you keep them simple and fast with trunk-based dev and small batches? Which metrics prove it works—cycle time, uptime, or developer experience? Can security act as a partner that speeds delivery instead of a gate? We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel Summary In this episode of DevSecOps Talks, Mattias speaks with Joachim Hill-Grannec, co-founder of Peltek, a boutique consulting firm specializing in high-availability, cloud-native infrastructure. Following up on a previous episode where Steve discussed cleaning up bloated platforms, Mattias and Joachim dig into why platforms get bloated in the first place and how platform teams should think when building from scratch. Their conversation spans cloud provider preferences, the primacy of cycle time, the danger of adding process in response to failure, and a strong argument for treating security and quality as enablers rather than gatekeepers. Key Topics Platform Teams Should Serve Delivery Teams Joachim frames the core question of platform engineering around who the platform is actually for. His answer is clear: the delivery teams are the client. Platform engineers should focus on making it easier for developers to ship products, not on making their own work more convenient. He connects this directly to platform bloat. In his experience, many platforms grow uncontrollably because platform engineers keep adding tools that help the platform team itself: "Look, I spent this week to make my job this much faster." But Joachim pushes back on this instinct — the platform team is an amplifier for the organization, and every addition should be evaluated by whether it helps a product get to production faster and gives developers better visibility into what they are working on. Choosing a Cloud Provider: Preferences vs. Reality The conversation briefly explores cloud provider choices. Joachim says GCP is his personal favorite from a developer perspective because of cleaner APIs and faster response times, though he acknowledges Google's tendency to discontinue services unexpectedly. He describes AWS as the market workhorse — mature, solid, and widely adopted, comparing it to "the Java of the land." Azure gets the coldest reception; both acknowledge it has improved over time, but Joachim says he still struggles whenever he is forced to use it. They observe that cloud choices are frequently made outside engineering. Finance teams, investors, and existing enterprise agreements often drive the decision more than technical fit. Joachim notes a common pairing: organizations using Google Workspace for productivity but AWS for cloud infrastructure, partly because the Entra ID (formerly Azure AD) integration with AWS Identity Center works more smoothly via SCIM than the equivalent Google Workspace setup, which requires a Lambda function to sync groups. Measuring Platform Success: Cycle Time Above All When Mattias asks how a team can tell whether a platform is actually successful, Joachim separates subjective and objective measures. On the subjective side, he points to developer happiness and developer experience (DX). Feedback from delivery teams matters, even if surveys are imperfect. On the objective side, his favorite metric is cycle time — specifically, the time from when code is ready to when it reaches production. He also mentions uptime and availability, but keeps returning to cycle time as the clearest indicator that a platform is helping teams deliver faster. This aligns with DORA research, which has consistently shown that deployment frequency and lead time for changes are strong predictors of overall software delivery performance. Start With a Highway to Production A major theme of the episode is that platforms should begin with the shortest possible route to production. Mattias calls this a "highway to production," and Joachim strongly agrees. For greenfield projects, Joachim favors extremely fast delivery at first — commit goes to production, commit goes to production — even with minimal process. As usage and risk increase, teams can gradually add automation, testing, and safeguards. The critical thing is to keep the flow and then ask "how do we make those steps faster?" as you add them, rather than letting each new step slow down the pipeline unchallenged. He also makes a strong case for tags and promotions over branch-based deployment, noting his instinctive reaction when someone asks "which branch are we deploying from?" is: "No bra
Get The DevSecOps Talks Podcast summaries in your inbox
Free AI-powered daily recaps. Key takeaways, quotes, and mentions — in a 5-minute read.
Get Free Summaries →Free forever for up to 3 podcasts. No credit card required.
You Might Also Like
Listeners also like.
Cyberside Chats: Cybersecurity Insights from the Experts
Cybersecurity experts discuss emerging threats, defense strategies, and AI's role in protecting organizations.
Cyber Leaders
Explores cybersecurity trends and strategies through expert insights to help leaders navigate digital threats.
Security Now (Audio)
A weekly deep dive into cybersecurity threats, hacking trends, and practical defense strategies for individuals and businesses.
Latent Space: The AI Engineer Podcast
Covers advances in AI engineering, including foundation models, code generation, and AI agents, through interviews with researchers and developers.
The Cloud Pod | Weekly AI & Cloud News on AWS, Azure & GCP
Covers weekly updates and AI innovations in cloud computing across AWS, Azure, and Google Cloud for tech professionals.
Syntax - Tasty Web Development Treats
Two full stack developers discuss JavaScript frameworks, CSS updates, and web tooling advancements.
Daily Tech News Show
A daily briefing covering the latest developments in technology news from an independent and trustworthy source.
The Pragmatic Engineer
Insightful interviews with engineers and tech leaders on real-world software development challenges and best practices.
This Day in AI Podcast
Two friends discuss artificial intelligence, sharing casual insights, personal experiments, and humorous experiences with AI tools and technology.
TechSurge: Deep Tech Podcast
Explores emerging technologies, startup challenges, and investment trends through conversations with founders, investors, and tech leaders.
Whiskey Web and Whatnot
Developers discuss web technologies, AI coding tools, and software careers alongside casual talk about the human side of programming.
The a16z Show
Explores technology and cultural shifts shaping the future through conversations with industry leaders and innovators.
About The DevSecOps Talks Podcast
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do right technology bets, help their organizations to deliver value and last but not the least to have some fun. Tune in for talks about technology, ways of working and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :)
Customized Recaps
AI-powered recaps with compact key takeaways, quotes, and insights.
Straight to Your Inbox
Get key takeaways from The DevSecOps Talks Podcast in a 5-minute read.
Save Hours Every Week
Stay current on your favorite podcasts without falling behind.
Frequently Asked Questions
What is Podzilla's The DevSecOps Talks Podcast daily summary?
It's a free AI-powered email that summarizes new episodes of The DevSecOps Talks Podcast as soon as they're published. You get the key takeaways, notable quotes, and links & mentions — all in a quick read.
How does the The DevSecOps Talks Podcast podcast summary work?
When a new episode drops, our AI transcribes and analyzes it, then generates a personalized summary tailored to your interests and profession. It's delivered to your inbox every morning.
Is this an official The DevSecOps Talks Podcast product?
No. Podzilla is an independent service that summarizes publicly available podcast content. We're not affiliated with or endorsed by Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin.
Can I get summaries of other podcasts too?
Absolutely! The free plan covers up to 3 podcasts. Upgrade to Pro for 15, or Premium for 50. Browse our full catalog at /podcasts.
How often does The DevSecOps Talks Podcast release new episodes?
The DevSecOps Talks Podcast publishes biweekly. Our AI generates a summary within hours of each new episode.
What topics does The DevSecOps Talks Podcast cover?
The DevSecOps Talks Podcast covers topics including Technology. Our AI identifies the specific themes in each episode and highlights what matters most to you.
Start getting The DevSecOps Talks Podcast summaries tomorrow morning.
Free forever for up to 3 podcasts. No credit card required.
Free forever for up to 3 podcasts. No credit card required.