Jan 19
Loading video player...
In the last episode, we explored DevOps careers — the roles, paths, and cloud platforms that power modern DevOps teams. In Episode 10 of devOps: Git Started, host Raheem Kareem takes the next logical step: layering security directly into DevOps workflows 🔐⚙️ Because once teams scale, speed alone isn’t enough — systems must be secure by design. DevSecOps isn’t about slowing teams down or adding friction. It’s about embedding security into the same pipelines, platforms, and decisions that already power DevOps — from code to cloud to access control. In this episode, we’ll cover: ✅ The difference between DevOps and DevSecOps — and why the distinction matters ✅ How security shifts from a late-stage checkpoint to a shared responsibility ✅ Why identity, access, and permissions are foundational to secure systems ✅ How security tools integrate directly into developer workflows ✅ What “shift left” security looks like in practice ✅ Why mastering roles & permissions is one of the fastest ways to level up in DevSecOps Raheem starts by walking through the DevOps vs. DevSecOps Framework, showing how development, operations, and application delivery evolve when security is embedded — not bolted on. The framework highlights how DevSecOps strengthens reliability, reduces risk, and builds confidence across teams without sacrificing velocity. From there, the episode moves into a hands-on showcase of real-world DevSecOps tools and platforms. Raheem demonstrates how security shows up across the stack — from code scanning with CodeQL, to secure secrets management in GitHub, to cloud identity and access management in AWS and Google Cloud 🧑💻☁️ Along the way, he explores Google’s developer ecosystem (with a very real “Googleyness” detour 😄), before grounding everything in a practical example inside the GCP Console, using IAM & Admin in the RKB Labs project to show how role-based access control directly impacts security, scalability, and trust. The episode closes with a core DevSecOps truth: Most security failures aren’t technical — they’re permission problems. Whether you’re a developer, operator, or aspiring DevSecOps engineer, this episode helps you understand how security, identity, and access control form the backbone of modern DevOps systems — and why mastering them is one of the best ways to Git Started. 🧰 Tools & Platforms Featured: 🛠️ CodeQL – https://codeql.github.com/ 🛠️ CodeQL for VS Code – https://marketplace.visualstudio.com/items?itemName=github.vscode-codeql 🛠️ GitHub Secrets – https://docs.github.com/en/actions/concepts/security/secrets 🛠️ Amazon Web Services (AWS) – https://aws.amazon.com/ 🛠️ Google Cloud IAM – https://docs.cloud.google.com/iam/docs/roles-overview 🛠️ Google for Developers – https://developers.google.com/ 🛠️ Google Cloud Console – https://console.cloud.google.com/ 🔑 Links & Resources: 📺 Subscribe to RKB Tech Television for more DevOps, cloud, and AI-driven episodes: https://linktr.ee/rkblueprints 📌 Like, comment, and subscribe to follow the full devOps: Git Started series. From pipelines to permissions — this is how secure DevOps is built 🔐 Let’s keep building. 🚀 Git started together. #business #technology #creativity #DevOps #DevSecOps #GitStarted #CloudSecurity #IAM #RBAC #ShiftLeftSecurity #CodeQL #GitHubActions #CloudEngineering #AWS #GoogleCloud #DeveloperOperations #PlatformSecurity #InfrastructureSecurity #BuildInPublic