DevSecOps Podcast

Security used to be the team that said no at the end; DevSecOps is the bet that you can move fast and not get owned, by building the guardrails into the pipeline instead of bolting them on afterward. The episodes here dig into the supply chain you didn't know you had: dependency and build-system attacks, leaked credentials, and the CVEs that turn a quiet Tuesday into an all-hands.

We focus on the operational reality of shipping secure software — scanning that surfaces real issues instead of drowning teams in noise, secrets management that survives contact with developers, and zero-trust and SBOM work that's more than a compliance checkbox. If you're trying to make security a property of how you deploy rather than a gate sitting in front of it, start here.


Episodes on DevSecOps

Episode 44 | Jun 5, 2026 | ⏱️ 20:27 | Kiro CLI Approval Bypass, Amazon Braket Pickle Risk, AWS Org Logging, KEDA Upgrades, and Automation’s Hidden Boundaries

This episode of Ship It Weekly is about automation’s hidden boundaries. Brian covers Kiro CLI CVE-2026-9255, where piped stdin could act like user approval, Amazon Braket SDK CVE-2026-9291…

Episode 41 | May 21, 2026 | ⏱️ 22:23 | CISA’s GitHub Leak, AI Root Cause Analysis, Copilot Agents, Claude Code in CI/CD, and Kubernetes Seccomp Risk

This episode of Ship It Weekly is about secrets, agents, risky defaults, and follow-up work that never gets done. Brian covers the CISA contractor GitHub leak involving AWS…

Episode 39 | May 8, 2026 | ⏱️ 21:57 | Cursor Deletes PocketOS Prod DB, .de DNSSEC Outage, Bluesky Postmortem, Argo CD, and Copy Fail

This episode of Ship It Weekly is about modern reliability getting squeezed from both directions. Old-school failures still hit hard, like broken DNSSEC, kernel privilege escalation bugs, and…

Episode 38 | May 4, 2026 | ⏱️ 31:54 | Ship It Conversations: Gareth Kersey on IaCConf 2026, AI, and Corey Quinn’s Terraform Keynote

This is a guest conversation episode of Ship It Weekly, separate from the weekly news recaps. This episode is not sponsored. I wanted to cover IaCConf because the theme…

Episode 37 | Apr 30, 2026 | ⏱️ 25:08 | GitHub RCE, AI Agent Prompt Injection, and the New Reality: Your Developer Toolchain Is Production Now

This episode of Ship It Weekly is about the developer toolchain becoming part of production. Brian covers GitHub’s critical git push RCE, AI-assisted reverse engineering, prompt injection against…

Episode 36 | Apr 23, 2026 | ⏱️ 20:24 | Kubernetes 1.36, Gateway API v1.5, AWS Copilot End of Support, and Cloudflare Non-Human Identities

This episode of Ship It Weekly is about platforms getting sharper about defaults, ownership, and the old paths they are no longer willing to quietly carry forever. Brian…

Episode 34 | Apr 17, 2026 | ⏱️ 15:00 | AWS Interconnect GA, Cloudflare Mesh, GitLab 19, EKS Auto Mode, and OpenTelemetry Config

This episode of Ship It Weekly is about networking, ingress, and private access moving further up into the platform layer. Brian covers AWS Interconnect going generally available, Cloudflare…

Episode 32 | Apr 10, 2026 | ⏱️ 15:04 | Amazon S3 Files, Malicious npm Plugins, Trivy Fallout, and Kubernetes’ Gateway Shift

This episode of Ship It Weekly is about the interface layer becoming the story. Brian covers Amazon S3 Files and why it feels more like a managed filesystem…

Episode 29 | Mar 27, 2026 | ⏱️ 15:25 | Hackerbot-Claw Grows, Xygeni Tag Poisoning, GitHub Search HA, Windows SID Failures, and AI Skills Supply Chain

This episode of Ship It Weekly is about the places where convenience quietly turns into trust. Brian revisits the Trivy story by zooming out to the bigger hackerbot-claw GitHub…

Episode 27 | Mar 20, 2026 | ⏱️ 14:56 | McKinsey AI Flaw, Kafka Goes Diskless, Google Buys Wiz, AWS Copilot Ends, and AI Gateway on Kubernetes

This week on Ship It Weekly, Brian looks at what happens when new interfaces create old responsibilities. McKinsey patched a vulnerability in its internal AI tool Lilli, Kafka contributors…

Episode 26 | Mar 13, 2026 | ⏱️ 16:56 | Meta Buys Moltbook, Block AI Layoffs Get Messier, Atlassian Cuts Jobs, and GitHub Explains the Outages

This week on Ship It Weekly, Brian covers five “AI meets reality” stories that every DevOps, SRE, security, and platform team can learn from. Block’s AI layoff story is…

Episode 25 | Mar 9, 2026 | ⏱️ 30:54 | Ship It Conversations: Yvonne Young on Linux Foundations, Mentorship, and Getting Job Ready in Cloud

This is a guest conversation episode of Ship It Weekly (separate from the weekly news recaps). In this Ship It: Conversations episode I talk with Yvonne Young, a cloud…

Episode 18 | Feb 6, 2026 | ⏱️ 20:53 | Azure VM Control Plane Outage, GitHub Agent HQ (Claude + Codex), Claude Opus 4.6, Gemini CLI, MCP

This week on Ship It Weekly, Brian hits four “control plane + trust boundary” stories where the glue layer becomes the incident. Azure had a platform incident that impacted…

Episode 14 | Jan 16, 2026 | ⏱️ 12:28 | n8n Auth RCE (CVE-2026-21877), GitHub Artifact Permissions, and AWS DevOps Agent Lessons

This week on Ship It Weekly, the theme is simple: the automation layer has become a control plane, and that changes how you should think about risk. We start…

Episode 12 | Jan 9, 2026 | ⏱️ 16:18 | n8n Critical CVE (CVE-2026-21858), AWS GPU Capacity Blocks Price Hike, Netflix Temporal

This week on Ship It Weekly, Brian’s theme is basically: the “automation layer” is not a side tool anymore. It’s part of your perimeter, part of your reliability…

Episode 9 | Dec 30, 2025 | ⏱️ 23:25 | Ship It Conversations: From Full-Stack to Cloud/DevOps, One Project at a Time (with Eric Paatey)

This is a guest conversation episode of Ship It Weekly (separate from the weekly news recaps). I sat down with Eric Paatey, a Cloud & DevOps Engineer who’s been…

Episode 7 | Dec 21, 2025 | ⏱️ 30:38 | Ship It Conversations: The WHY Behind DevOps, Upskilling, and Agentic AI (with Maz Islam)

This is a Ship It Weekly conversation episode. The weekly news recaps are still weekly. These interviews drop in between when I find someone worth talking to and…

Episode 6 | Dec 20, 2025 | ⏱️ 12:06 | GitHub Runner Pricing Pause, Terraform Cloud Limits, and AI in CI

This week on Ship It Weekly, Brian looks at how the “platform tax” is showing up everywhere: pricing model shifts, CI dependencies, and new security boundaries thanks to…

Episode 5 | Dec 12, 2025 | ⏱️ 16:14 | IBM Buys Confluent, React2Shell, and Netflix on Aurora

In this episode of Ship It Weekly, Brian powers through a cold and digs into a very “infra grown-up” week in DevOps. First up, IBM is buying Confluent for…

Episode 3 | Nov 26, 2025 | ⏱️ 16:40 | Kubernetes Config Reality Check, EKS Control Planes, and GitHub Guardrails

In this episode of Ship It Weekly, Brian digs into what’s new for people actually running infra: Kubernetes config, EKS control planes and networking, and GitHub’s latest CI/CD…

Episode 1 | Nov 20, 2025 | ⏱️ 12:54 | Special: When the Cloud Has a Bad Day: Cloudflare, AWS us-east-1 & GitHub Outages

In this special kickoff episode of Ship It Weekly, Brian walks through three major outages from the last few weeks and what they actually mean for DevOps, SRE,…

Frequently asked questions

What does the DevSecOps podcast hub cover?

Building security guardrails into the pipeline instead of bolting them on — the software supply chain you didn't know you had, dependency and build-system attacks, leaked credentials, and the CVEs that turn a quiet Tuesday into an all-hands.

What practices does it focus on?

Scanning that surfaces real issues instead of noise, secrets management that survives contact with developers, and zero-trust and SBOM work that's more than a compliance checkbox.

Who is it for?

Engineers trying to make security a property of how they deploy rather than a gate sitting in front of it.

How are episodes selected?

They are auto-matched on DevSecOps topics — supply chain, vulnerabilities, SAST/DAST, secrets management, zero trust, SBOM, and CVEs — so the list reflects recent relevant episodes.

Is there a written security digest?

Yes — On Call Brief's DevOps Security News, linked from this page, covers actively-exploited CVEs and supply-chain advisories each week.
