🎙️ Coffee, Chaos and ProdSec - Ep 14

DevSecOps gets thrown around in cybersecurity more than any other term, but almost no one agrees on what it actually means.

So this week, Kurt and Cameron pour fresh mugs and unpack the real practices behind modern Application Security, Product Security, DevSecOps, and Software Supply Chain Security without the marketing fluff.

From threat modeling and architecture reviews, to CI/CD guardrails, identity patterns, SBOMs, pipeline automation, and why DAST still refuses to fit anywhere, this episode digs into how security can integrate into the entire software lifecycle without slowing teams down.

Cameron and Kurt break down why DevSecOps is more culture than tooling, how design flaws start long before code, what AI is about to break next, and why “shift everywhere” beats “shift left” every time.

If you work in cybersecurity or just enjoy hearing two security leaders question reality over caffeine, this one is your new weekly ritual.

☕ New episodes every Wednesday.Coffee, Chaos & ProdSec — strong coffee, stronger opinions.