Security

Policy as [versioned] code - you're doing it wrong

Policy as [versioned] code - you're doing it wrong

2022-09-15

Chris Nesbitt-Smith traces how governance policies are typically born — emotionally, reactively, and as one-shot documents — then shows how applying software engineering principles transforms policy into a living, versioned artefact. The talk covers iterative policy management, Kubernetes admission control, open-source policy tooling, and the cultural shift required to make policy genuinely effective rather than just technically compliant.

Automate Azure Role Based Access Control (RBAC) using Github

Automate Azure Role Based Access Control (RBAC) using Github

2022-08-25

Azure RBAC is a critical security control — but managing custom role definitions manually is error-prone, hard to audit, and doesn't scale. In this episode, Chris is joined by Marcel Lupo, DevOps MVP and Solutions Architect, who demonstrates how GitHub Actions can automate the full lifecycle of custom Azure RBAC role definitions. This session goes beyond typical developer workflows to show how GitHub can serve as the governance backbone for your Azure security posture — with role definitions version-controlled, reviewed via pull requests, and deployed through automated pipelines.

Software rotting and why you need to change your approach to security

Software rotting and why you need to change your approach to security

A new phenomenon stand out in recent years: security must pervade the entire software development lifecycle. Except it isn't. Current generation of processes and tools is lacking crucial features to properly manage modern security risks. Think of the Log4J event. Were you able to identify all affected components? Were they internally developed, or you need a vendor support? How fast you were able to deliver a fix? In this talk we'll explore the challenges, what you can do with current tools, and which gaps should be addressed by communities through better practices and new tools.

Tech Roundup - April 2022

Tech Roundup - April 2022

2022-04-24

Your monthly digest of what shipped across Azure, GitHub, and Azure DevOps in April 2022. Notable Azure updates include Container Apps managed identity preview, Static Web Apps private endpoints going GA, Managed Grafana integrations, Microsoft Purview (renamed from Azure Purview), and Cosmos DB autoscale improvements. On GitHub: secret scanning revocation, Codespaces monorepo support, accessibility colour-blind themes, and required deployments for branch protection. Plus Azure DevOps opt-in auditing, Bicep validation in PRs, and a personal update on the Go-based microservices event platform Chris has been building on Azure Container Apps.

Tech Roundup - February 2022

Tech Roundup - February 2022

2022-02-27

A live monthly roundup covering everything notable in Azure, GitHub, and Azure DevOps through February 2022. Key highlights include GitHub Actions support for OpenID Connect (OIDC) deployments to Azure Static Web Apps, GitHub Projects beta improvements (flexible iterations, insights filtering), and updates to GitHub Codespaces and the GitHub CLI. On the Azure side: Azure Monitor gains OpenTelemetry integration and improved observability tooling, Azure Payments HSM enters public preview, and Azure Arc cloud-to-edge observability is explored. Chris also shares Cloud With Chris updates including a new Hugo-powered presentations site hosted on Azure Static Web Apps, a feature flags episode, and community highlights from the UK Azure Community Day.

V038 / V039 - Weekly Technology Vlog #38 and #39

V038 / V039 - Weekly Technology Vlog #38 and #39

2021-09-26

A double episode catching up on two weeks of Azure updates including AKS scale down modes, Cosmos DB Functions v4, and Azure Functions runtime 4.0 with .NET 6, plus GitHub CLI 2.0, Advanced Security secret scanning APIs, and a look at secretless application patterns with managed identities.

DevOps Trends

DevOps Trends

2021-09-24

A decade after Patrick Debois coined "DevOps," the landscape looks radically different. In this episode, Daniela Fontani — CTO at Central Consulting and long-time open source contributor — breaks down the most important DevOps trends reshaping the industry today: DevSecOps, GitOps, NoOps, automation-first pipelines, and the growing role of platform engineering. Plus, the honest truth about which buzzwords actually matter and which you can safely ignore.

V037 - Weekly Technology Vlog #37 (GitHub Issues Beta Special!)

V037 - Weekly Technology Vlog #37 (GitHub Issues Beta Special!)

2021-09-12

Chris walks through the new GitHub Issues beta, showcasing project boards, table views, YAML-based issue forms, and converting checklists to sub-issues, alongside Azure capacity reservation, zone redundant disk storage, and DevSecOps shifting-left updates.

Migrating to the Cloud

Migrating to the Cloud

2021-09-08

Cloud migration is as much a people and process challenge as it is a technical one — a fact underscored by a 2020 Cloud Security Alliance study in which 90% of respondents reported a failed migration. In this episode, Chris is joined by Suzanne Tedrick, Azure Infrastructure Specialist at Microsoft and award-winning author of 'Women of Color in Tech', to explore how the Microsoft Cloud Adoption Framework provides a holistic, structured path to successful migrations. From governance and stakeholder alignment to multi-cloud strategy, this conversation covers the critical foundations every organisation needs before and during their cloud journey.

V036 - Talking cloud and playing Among Us with the community

V036 - Talking cloud and playing Among Us with the community

2021-09-05

Chris and community guests Dean, John, Matt, and Simon play Among Us while discussing Azure Spring Cloud Enterprise, AKS custom policy updates, Docker Desktop's new pricing model, and tips for multi-platform live streaming setups.