Why DevSecOps isn't enough without deep cloud context with Anjali Singh Shukla

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/ab/b0/da/abb0dac0-046c-0dcf-9ed2-3608f7da6605/mza_7681932657336190582.jpg/600x600bb.jpg

The Elephant in AppSec

78 episodes

1 week ago

Time to discuss AppSec issues no one talks about.

All content for The Elephant in AppSec is the property of The Elephant in AppSec and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Time to discuss AppSec issues no one talks about.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_episode/39783987/39783987-1758578646923-30b96853bc63.jpg

Why DevSecOps isn't enough without deep cloud context with Anjali Singh Shukla

The Elephant in AppSec

32 minutes 36 seconds

1 month ago

Why DevSecOps isn't enough without deep cloud context with Anjali Singh Shukla

Today I’m joined by Anjali Singh Shukla, Senior Security Engineer Cloud at Flipkart. She bridges the worlds of Cloud Security and DevSecOps, having led audits and defense strategies across AWS, Azure, and GCP, with a strong focus on Kubernetes and container security.

Beyond building secure pipelines, Anjali designs training programs and speaks at global conferences like Black Hat and OWASP.

Most recently at OWASP AppSec Days Singapore, she showed how attackers exploit AWS EKS misconfigurations and how to defend against them.

In this episode, we dive into why DevSecOps alone isn’t enough without a deep understanding of cloud, and the risks that come with moving fast in modern deployments. Anjali also shares her perspective on securing multi-cloud environments and weighs in on the industry’s buzz around CNAPP and CSPM and ASPM convergence.

And with that, get ready to hear Anjali’s opinions.