Robert Slaughter, Michaela Flatau, Rebecca Lively and Luke Shabro
Welcome to Defense Unicorns, A Podcast for mission focused innovators. We educate, inform, and provide mission heroes with DevSecOps, cybersecurity, and organiz...
Building Trust and Security in the DoD: A DevSecOps Perspective
DevOps, culture, and the battlefield converge in this compelling episode of Defense Unicorns as host Rebecca Lively speaks with Dr. Noe Lorona, a platform engineer at the Army Software Factory. Together, they explore the nuances of DevSecOps, unraveling its critical role in the defense sector, where software isn’t just a tool but a lifeline. Dr. Lorona delves into how the Department of Defense has elevated security to the forefront, embedding it into every phase of the development process to ensure reliable and secure systems that protect both lives and missions.

Beyond the technical jargon, this episode shines a light on the human side of DevSecOps. Dr. Lorona emphasizes trust, transparency, and a blameless culture as the foundation of agile teams that thrive under pressure. From the necessity of shifting security left to fostering psychological safety in hierarchical environments, his insights offer a roadmap for cultivating innovation in even the most complex and high-stakes organizations.

If you’re passionate about the intersection of technology, leadership, and national defense, this episode is a must-listen. Dr. Lorona and Rebecca Lively bring the mission of Defense Unicorns to life: showcasing thought leaders and experts driving transformational change in DevSecOps. Whether you're in the DoD or simply curious about the future of secure and agile software development, this conversation will leave you inspired and informed.

Key Quote: “DevOps is not about the tools. DevOps is, it's the way that we work together, the way that we accomplish things. And. A funny thing, I actually say DevOps as a way of life. When they say, well, what is DevOps? I say, it's a thing you live by. It's the thing you show up to do. It's not a thing. It's not an object. It's a culture. It's the thing you live to do. It's a reason why we wake up so we can go do the DevOps.”
Dr. Noe Lorona

Time Stamps:
(00:26) DevOps vs DevSecOps: What's the Difference?
(03:53) Implementing DevOps in the Department of Defense
(06:05) Building a Blameless Culture in the Military
(14:21) Education in DevOps
(24:47) Bringing Open Source Software in the DoD
(30:07) Future of DevOps: Exciting Trends
(30:42) Community and Collaboration in DevOps
(42:07) Career Advice for Aspiring Developers
(43:43) Sci-Fi Tech and Futurism

Links:
Connect with Dr. Noe Lorona
Learn more about Army Software Factory
Connect with Rebecca Lively
Learn more About Defense Unicorns
--------
48:37
Inside Cyber Defense: Col. Sean Kern on Building Agile, Secure Teams
In this episode, Defense Unicorns welcomes Col. Sean Kern, the Director of Cyberspace Operations Strategy at SAIC, who brings experience in military and cybersecurity strategy. Kern shares his journey from military service to civilian leadership, sharing the unique challenges and adjustments required in the transition. He discusses how his military background shaped his understanding of systems and software engineering and how essential it is to cultivate a resilient and adaptable culture in any DevSecOps team. Kern emphasizes that trust, humility, and continuous learning are cornerstones for building high-performing cybersecurity operations, both in the military and private sectors.

The conversation dives deep into automation and the role of human judgment in high-stakes cybersecurity decisions. Kern puts a focus on a balanced approach, where automation speeds up processes without sacrificing the critical oversight humans provide. His thoughts on combating biases within AI and ensuring ethical applications of automation highlight the importance of strategic human involvement. His perspective illustrates how both tech innovation and human expertise are essential to adapting cybersecurity practices for dynamic challenges.

Kern also addresses the structural complexities of coordinating cybersecurity operations across military branches. He explores the need for a more unified organizational framework that could enhance operational readiness and efficiency in cyber operations. Drawing from his experience, Kern advocates for a strategic, flexible, and consistent approach to cybersecurity management, emphasizing that speed and adaptability are key to staying ahead of potential threats in today's world.

Key Quote: “Culture is going to happen whether you do it or not. Like that's the scary part. It's going to exist. You know, if it's left to its own devices, then if you get anything good out of it, that's pure chance. That's pure luck and we don't need to fight China on pure chance or pure luck. So we need to be deliberate about the culture we put in place.”
Col. Sean Kern

Time Stamps:
(00:32) Sean Kern's Military Background
(06:42) Transitioning from the Military to the Private Sector
(11:47) Building Effective Teams and Organizations
(19:59) The Importance of Culture
(28:24) Automation vs. Human Accuracy
(34:50) Organizational Design for Cyber Operations
(49:14) Lightning Round

Links:
Connect with Col. Sean Kern
Learn More About SAIC
Connect with Rebecca Lively
Learn More About Defense Unicorns
--------
52:27
From Code to Combat: The Tech Transforming the DoD
In this episode of The Defense Unicorns Podcast, we’re joined by Collen Roller, Founder of Dark Saber, as he shares his journey of innovation within the U.S. Air Force. From his work in Natural Language Processing (NLP) to mentoring airmen on developing applications using outdated systems, Collen’s story highlights perseverance and creativity. Discover how Dark Saber has empowered airmen to build production-ready software, transforming their operational efficiency.

We explore the transformative potential of generative AI in defense, including its ability to automate tasks like paperwork and coding, enhancing productivity. Collen also introduces Nipper GPT, an AI tool tailored for DoD networks that bridges information gaps through conversational interfaces, pushing the boundaries of data access within military environments.

Looking to the future, Collen discusses exciting advancements like Retrieval Augmented Generation (RAG) and multi-agent AI architectures, poised to revolutionize military data interactions. As he reflects on the importance of passion and community in driving change, this episode showcases Collen’s commitment to modernizing defense technology through innovation.

Key Quote: “I think that people need to realize that these tools are for their benefits and they need to get involved in using them today to enhance their performance and workflow because if you're not using them, you're being slow.”
-Collen Roller, Founder of Dark Saber

Time Stamps:
(00:00) DoD Software and Conversational Systems
(11:28) Future of AI in Military Operations
(17:05) Future Developments in Artificial Intelligence
(34:38) Revolutionizing Software Development in DoD
(44:21) Driving Change in DoD Through Passion

Links:
Learn more about Dark Saber
Connect with Collen
Connect with Luke
--------
45:23
Keeping Open Source Software Secure with Eddie Zaneski
This week on the Defense Unicorns Podcast, we welcome Eddie Zaneski, the tech lead for open source here at Defense Unicorns, who takes us through his fascinating career journey from aspiring math teacher to a key player in the tech industry. Eddie shares his experiences transitioning into computer science, his passion for developer relations, and his significant contributions to the Kubernetes project. We dive into the evolution of software deployment, from bare metal servers to virtual machines and containers, and how Kubernetes has become essential in managing large-scale containerized applications. Eddie also reflects on his time at DigitalOcean, Amazon, and Chainguard, highlighting his work on software supply chain security projects like Protobom and Sigstore.

Our conversation then turns to the security of open-source communities, challenging the misconception that open-source software is less secure than its closed-source counterparts. Eddie discusses the advantages of transparency in open source, using the XZ library's recent security breach as a case study to emphasize the importance of trust and identity verification. We also explore the potential for similar vulnerabilities in closed-source projects and the growing importance of supply chain security measures, including building integrity and software bills of materials (SBOM). The episode concludes with a thought-provoking discussion on the benefits of transparency in open source and whether proprietary software incidents would be as openly shared or understood.

Eddie shares his enthusiasm for leveraging government funding to support open-source projects. He expresses his excitement about engaging with soldiers, airmen, and guardians to understand their challenges and explore open-source solutions. We also touch on innovative tools for air-gapped environments, like Zarf, and their applications across various industries. Listen in as Eddie recounts his experiences at Bravo hackathons, the unique challenges faced by developers in constrained environments, and offers valuable career advice for those passionate about open source and software development.

Key Quote: “There's lots of misconceptions and I'm sure you and I can talk about all of them. One of the big ones is, just. It's less secure, right? That's a massive myth. Open source security is less secure because all the code is in the open and everyone can go find the holes and generally quite the opposite actually, because the code is in the open, everyone can do their own audits and everyone can see what's happening under the covers of the magic box that you usually can't peer into with proprietary software. We have entire teams of like security. So the Kubernetes project is divided up into special interest groups or SIGs. So we have SIGs for security, we have a product security council and committee that is the incident response people for when there is a new CVE or a bug found, and all sorts of different types of things that are just tailored around security.”
-Eddie Zaneski

Time Stamps:
(00:02) Kubernetes and Open Source Evolution
(08:17) Security in Open Source Communities
(20:43) Software Bill of Materials for Cybersecurity
(24:04) Exploring Defense Unicorns and Open Source
(31:43) Navigating Careers in Open Source
(42:25) Breaking Barriers in Defense Innovation
(46:42) Collaborating for Defense Open Source

Links:
Connect with Eddie
--------
48:08
Connecting DevSecOps to Boyd’s Theories with Mark McGrath
In this episode of the Defense Unicorns Podcast, Rebecca sits down with Mark McGrath, a Marine Corps veteran turned asset manager and consultant, to explore how modern DevSecOps practices intersect with John Boyd's theories. Mark’s deep understanding of Boyd's OODA loop—observe, orient, decide, act—shapes how he helps clients in industries like manufacturing, energy, and public relations respond to complexity and streamline decision-making, much like DevSecOps optimizes software development and deployment.

Diving into the legacy of John Boyd and going beyond the OODA loop, Mark discusses Boyd’s influence on business strategy, finance, and software development. Mark brings a fresh angle to Boyd’s concept of rapid iteration, emphasizing how speed, adaptability, and customer feedback are key tenets not just in the military or on Wall Street but also in DevSecOps. We also delve into Boyd's "Destruction and Creation," connecting it to principles of continuous integration and delivery, and explore how his philosophy of action and adaptation aligns with the core practices of DevSecOps.

Throughout the episode, Mark highlights the critical role of psychological safety and cross-functional collaboration, both key to effective leadership and DevSecOps culture. Whether you're deploying code or managing high-stakes operations, this conversation illuminates the relevance of Boyd's theories for anyone aiming to navigate complexity, enhance agility, and drive innovation in their organization.

Key Quote: “You realize I have to continuously shatter and smash my understanding of the world or my perception of the world because if I don't I'm going to become Blockbuster video. And if I don't, I'm going to be Blackberry. Or if I don't, I'm going to stagnate and I'm going to become extremely vulnerable to my competitors or the rate of change or whatever it is, it's going to get me and I'm not going to be able to survive on my own terms and it's impossible for me to ever thrive.”
-Mark McGrath

Time Stamps:
00:58 Mark McGrath's Background and Career Journey
01:38 Discovering John Boyd's Theories
04:13 Joining AGLX and Applying Boyd's Theories
06:35 Understanding John Boyd's Broader Impact
17:47 Boyd's Conceptual Spiral and Continuous Reorientation
28:39 Challenging the Status Quo
33:33 The Importance of Humility
35:06 Comfort vs. Volatility
40:13 The Power of Feedback
48:07 Boyd's Universal Applicability

Links:
Connect with Mark
Learn more about AGLX
Check out the “No Way Out” Podcast
The Whirl of Reorientation Substack
Read Destruction and Creation
Read John Boyd, The Fighter Pilot Who Changed The Art of War
Read The Psychology of Military Incompetence
Read the Timeless Way of Building
Welcome to Defense Unicorns, A Podcast for mission focused innovators. We educate, inform, and provide mission heroes with DevSecOps, cybersecurity, and organizational transformation stories from the world's leading problem solvers. Join our hosts Rob Slaughter, Michaela Flatau, Rebecca Lively and Luke Shabro on this journey building connections across the defense community.