Ep 10 - From Chaos to Controls - The Story Behind OWASP SPVS

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/df/be/99/dfbe9941-d770-5736-7a80-42f538522c86/mza_6689034245075288237.jpg/600x600bb.jpg

Coffee, Chaos and ProdSec

Cameron Walters & Kurt Hendle

19 episodes

5 hours ago

Coffee, Chaos & ProdSec is where cybersecurity meets caffeine-fueled chaos. Hosts Kurt (security architect and chaos tamer) and Cameron (ProdSec wrangler and DevSecOps junkie) dive into hacking, AppSec, supply chain failures, AI surprises, and the everyday madness of defending modern systems. With humor, sharp insight, real breach breakdowns, bad password confessions, and a few questionable impressions, they explore the messy reality of security and how teams survive it. New episodes Every Wednesday at 5 AM Eastern.

Technology

RSS

All content for Coffee, Chaos and ProdSec is the property of Cameron Walters & Kurt Hendle and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44638564/44638564-1762886116274-9844ad74a348e.jpg

Ep 10 - From Chaos to Controls - The Story Behind OWASP SPVS

Coffee, Chaos and ProdSec

50 minutes 5 seconds

1 month ago

Ep 10 - From Chaos to Controls - The Story Behind OWASP SPVS

🎙️ Coffee, Chaos & ProdSec – Ep 10

This week, Cameron and Kurt sit down with the co-founders of the OWASP Secure Pipeline Verification Standard to unpack the real story behind SPVS and why the industry desperately needed a pipeline-focused security standard.

From the early days of chaotic DevSecOps practices and scattered controls, to the moment the community rallied behind a structured, prescriptive approach, this episode dives into how SPVS came to life and the problems it set out to fix. Your hosts explore the gaps between policy and practice, why pipelines became the new enterprise battleground, and how SPVS is changing the way teams think about CI and CD security.

You will hear candid insights on the earliest design debates, the tradeoffs that shaped the framework, and the push to create something both practical and auditable. It is a conversation that connects the dots between pipeline pain, cultural friction, and the growing need for predictable, verifiable controls in modern software delivery.

If you work in AppSec, Product Security, DevSecOps, platform engineering, or you are simply curious about how community standards evolve, this episode offers a rare look inside the origin, intent, and future of SPVS.

☕ New episodes every Wednesday.

Grab your coffee, settle in, and follow along as we explore how pipeline chaos turned into pipeline clarity.