#85 - Is It Time for OpenTofu? Our HashiConf Takeaways
We break down 10 years of HashiConf and this year's Terraform-heavy news. What do Terraform Actions with Ansible, Stacks GA, and HCP-only features mean for day two work? Is open source getting left behind, and is OpenTofu worth a look?
We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
DevSecOps Talks podcast LinkedIn page
DevSecOps Talks podcast website
DevSecOps Talks podcast YouTube channel
--------
30:46
--------
30:46
#84 - AI for DevSecOps: Current Wins and Ongoing Gaps
Can AI really help us build more secure software? What’s working in practice right now, and where do the tools still fall short? Mattias and Paulina share their views.
We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
DevSecOps Talks podcast LinkedIn page
DevSecOps Talks podcast website
DevSecOps Talks podcast YouTube channel
--------
35:22
--------
35:22
#83 - Opentofu Vs Terraform: Where We Are Now With Cole Bittel
It’s been a while since OpenTofu was released to the public, so we wanted to check in on where it stands today. How is the community adopting it? What’s the public sentiment? And how does it differ from Terraform in terms of features?
This time we’re joined by Cole Bittel, an experienced SRE, platform engineer, and contributor to OpenTofu. He shares his hands-on experience migrating to OpenTofu, and we look into the problems teams face with infrastructure as code and how both Terraform and OpenTofu approach solving them.
We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
DevSecOps Talks podcast LinkedIn page
DevSecOps Talks podcast website
DevSecOps Talks podcast YouTube channel
--------
38:45
--------
38:45
#82 - Tools, Mcps, And Attack Scenarios
This time we talk about how LLMs use tools and what the Model Context Protocol (MCP) brings to the table. What are the risks? How can an attacker exploit MCPs? And why are LLMs a bit like grandpas — helpful but forgetful?
We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
DevSecOps Talks podcast LinkedIn page
DevSecOps Talks podcast website
DevSecOps Talks podcast YouTube channel
--------
36:57
--------
36:57
#81 - Keeping Secrets Safe
Still pasting tokens into Slack? What types of secrets are at risk, and which tools fit which consumer—humans, CI/CD, or workloads? Where do most teams stumble, and how do you fix it fast? Hear our no-nonsense checklist.
Connect with us on LinkedIn or X (see info at https://devsecops.fm/about/). We are happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
The video version of this episode is available on our YouTube channel
LinkedIn page of the DevSecOps Talks team is here
This is the show by and for DevSecOps practitioners who are trying to survive information overload, get through marketing nonsense, do the right technology bets, help their organizations to deliver value, and last but not the least to have some fun. Tune in for talks about technology, ways of working, and news from DevSecOps. This show is not sponsored by any technology vendor and trying to be as unbiased as possible. We talk like no one is listening! For good or bad :) For more info, show notes, and discussion of past and upcoming episodes visit devsecops.fm
South Africa