Nickolas Means talks about Security, Devops velocity, blameless orgs, and conferences infosec should attend

BrakeSec Education Podcast

محتوای ارائه شده توسط Bryan Brake, Amanda Berlin, and Brian Boettcher. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Bryan Brake, Amanda Berlin, and Brian Boettcher یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

2+ y ago 1:14:50

MP3•خانه قسمت

Guest info

Name and Title:

Nickolas Means, VP of Engineering at SYM

Email/Social Media Contact:

@nmeans on Twitter, @[email protected] on Mastodon

Time Zone (if other than Pacific):

Central (Austin, TX)

Show Topic Summary / Intro

We welcome Nickolas Means to the stream. Nick is the VP of Engineering at Sym, the adaptive access tool built for developers. He's been an engineering leader for more than a decade, focused on helping teams build velocity through trust and autonomy. He's also a regular speaker at conferences around the world, teaching more

effective software development practices through stories of real-world engineering triumphs and failures.

He’s also the co-host of “Managing Up” a podcast with Management tips, stories, and interviews to help navigate the challenges of managing creative and technical teams.

Questions and potential sub-topics (5 minimum):

'blameless environment' during an incident. We can discuss working an incident and if a 'blameless' environment the exception or the rule (stories from the trenches are always welcome)

Building a compliance program without tanking your engineering velocity... I'd like to speak about that in terms of overall security (product security, scanning, license checks, and more)

Is there a playbook to building more efficient dev and security teams? Can cross training dev in basic security, or security in sprint planning processes make a better experience for all?

Will we ever solve ‘shifting left’? What does Shifting Left really mean to engineering teams, or is that a term security people created to try and speak ‘dev/eng’?

‘Managing Up’... security is often asked to do a lot. Be STO when you don’t manage the resources, timeline, etc. When teams are small, you’re either in the operational/tactical, when management wants a ‘tactical/strategic’ view. What can the overall business do to create a good working relationship out of the gate? “Make a dashboard” is all well and good, except when your org lacks maturity across the board. What are some realistic expectations management should have when the company is small? (I will provide additional context during the stream)

Additional information / pertinent Links (would you like to know more?):

https://managingup.show/ - Managing Up Podcast “Management tips, stories, and interviews to help navigate the challenges of managing creative and technical teams.“

https://symops.com/ - Adaptive access management tools built for engineers

https://www.ted.com/talks/brene_brown_the_power_of_vulnerability?language=en

https://www.terraform.io/

https://news.stanford.edu/2022/12/05/explains-recent-tech-layoffs-worried/

Show Points of Contact:

Amanda Berlin: @infosystir @hackershealth

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake @[email protected]

Website: https://www.brakeingsecurity.com Twitch: https://twitch.tv/brakesec

Youtube: https://youtube.com/c/BDSPodcast

465 قسمت