Episode 9 - Rapid Fire Judgement
Episode Synopsis
In this episode, Tom and Scotti take listeners behind the curtain at Cordant, revealing how the team collaboratively approaches designing IT solutions—from infrastructure to cybersecurity. Framed around a hypothetical greenfield deployment, the discussion is a rapid-fire breakdown of their go-to tools, platforms, and philosophies—covering everything from hypervisors and SIEM solutions to code repositories and discovery tools.
Key Topics Covered:
Discovery & Strategy Process: The Cordant methodology: discovery, internal collaboration, and experience-based solution building.
VMware & Broadcom Fallout: Tom discusses why VMware remains the on-prem hypervisor of choice, despite Broadcom's pricing and licensing challenges. Alternatives are weighed, including cloud-native VMs and infrastructure consolidation strategies.
SIEM & Logging Solutions: Scotti explores cost-effective approaches to log management, weighing Splunk, Microsoft Sentinel, and CrowdStrike SIEM. He stresses the need to align tooling with organisational maturity and internal expertise, cautioning against over-investment in underutilised platforms.
Code Repositories: The team debates GitHub, GitLab, Bitbucket, and cloud-native options. Security, ease-of-use, and deployment flexibility are discussed, especially in contexts requiring data sovereignty or air-gapped environments.
Discovery Tooling & Attack Surface Management: With evolving threats shifting from network-focused to identity-centric attacks, Scotti outlines the importance of modern asset discovery tools like RunZero, AssetNote, and Wiz. He advocates for agentless, comprehensive visibility across hybrid environments.
Key Takeaways:
Vendor selection should reflect organisational context—not just feature sets.
Tooling must match internal capability; gold-plated tech without operational maturity offers little value.
Identity, not infrastructure, is the modern threat frontier—external and internal visibility is critical.
Cloud-native and hybrid strategies should be evaluated tactically and strategically, not reactively.
Podcast: DevSecOops