season 1, Episode 1:
Infrastructure as Code, AWS Edition
In the pilot episode, Darren and Erik talk about the real world experiences and challenges of working with Infrastructure as Code.
Contact Info:
Darren Weiner, independent AWS cloud consultant
Twitter: https://twitter.com/cloudcoffeetalk
LInkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Erik DeRoin, SRE for TrainingPeaks.com
LinkedIn: https://www.linkedin.com/in/erik-deroin/
References for mentions in this episode:
Phoenix Project
DevOps Handbook
Google SRE handbook
Accelerate
AWS Resources and Pproperty Types Reference for CloudFormation
Terraform
Chalice
AWS CDK
Octopus Deploy reading list: Team Topologies
season 1, Episode 2:
Serverless for Everyone! - AWS Edition
Special guest Eric Johnson, Developer Advocate for Serverless at AWS, talks about his journey and shares his depth of knowledge and passion for serverless technology.
Contact info:
Eric Johnson, Developer Advocate for Serverless at AWS:
twitter link: https://twitter.com/edjgeek
Erik DeRoin, SRE for TrainingPeaks.com
LinkedIn: https://www.linkedin.com/in/erik-deroin/
Darren Weiner, Independent AWS cloud consultant
Twitter: https://twitter.com/cloudcoffeetalk
LinkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
References for mentions in this episode:
U2
Serverlessland Website
Serverlessland YouTube channel
Eric's(EJ's) presentations:
I didn't know API Gateway could do that.
Leveraging serverless for full stack development
Thinking Asynchronously
season 1, Episode 3:
CONTAINERS, CONTAINERS, CONTAINERS, AWS Edition
Darren and Erik talk about Containers: This episode discusses the AWS Elastic Container Service (ECS) in some depth. General containerization concepts, challenges and successes are discussed.
Contact Info:
Darren Weiner, Independent AWS cloud consultant
Twitter: https://twitter.com/cloudcoffeetalk
LInkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Erik DeRoin, SRE for TrainingPeaks.com
LinkedIn: https://www.linkedin.com/in/erik-deroin/
References for mentions in this episode:
AWS Elastic Container Service Developer Guide
AWS Fargate
season 1, Episode 4:
The cost of the cloud, AWS Edition
No matter what you do in the cloud, you are paying for it! Discussions of overspend, optimization ideas, successes and failures
Contact Info:
Darren Weiner, Independent AWS cloud consultant
Twitter: https://twitter.com/cloudcoffeetalk
LInkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Erik DeRoin, SRE for TrainingPeaks.com
LinkedIn: https://www.linkedin.com/in/erik-deroin/
References for mentions in this episode:
ECS Exec
ECS Capacity Providers
Cost Tag Allocation
Savings Plans
season 1, Episode 5:
SECURITY OF THE CLOUD: PART 1
Managing Cloud Security is a challenge that keeps on changing.
Tyler shares his experience successfully growing a cloud security team.
Contact Info:
Darren Weiner, Independent AWS cloud consultant
LinkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Twitter: https://twitter.com/cloudcoffeetalk
Tyler Warren, Director of IT Security, Prologis
LinkedIn: https://www.linkedin.com/in/tylerwarren1/
References for mentions in this episode:
CSA (Cloud Security Alliance Colorado)
Snowflake
Tableau
Sigma
season 1, Episode 6:
SECURITY OF THE CLOUD 2: White hat edition
This is such a great discussion with Greg Foss, Threat Intelligence Researcher extraordinaire, ethical hacker, pen tester, and all around nice guy that you want on your side of the security discussion. We cover a wide range of cybersecurity-related topics, such as Ransomware trends, being banned from AOL, the elegance of malware, why you should never trust public wifi, the speed of a hack, security culture challenges, and much more.
Contact Info:
Darren Weiner, Independent AWS cloud consultant
LinkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Twitter: https://twitter.com/cloudcoffeetalk
Greg Foss
LinkedIn: https://www.linkedin.com/in/gregfoss/
Twitter: https://twitter.com/35Foss
References for mentions in this episode:
Cyber-links:
Cloud Security Alliance - Colorado Chapter
Lacework
Chris Nickerson - Tiger Team
BlackHat DefCon
Dark Web
Randori
Attacks/Reports:
Kaseya attack
Mandiant APT1 report
EthernalBlue NSA exploit
Evil Twin attacks
Dark Hotel attacks
Lazarus group
Tools/Hardware:
Pacu - RhinoLabs
Metasploit
AWS CLI
Netbus
Boto3
Stingray
Pineapple
Terms:
Blue Team/Red Team
White Hat
season 1, Episode 7:
certifications in the cloud
Listen in as I speak with special guest Mohamed Malki, a lifelong educator and learner, about certifications in the cloud. Mohamed's real-world experience and desire to learn as much as he teaches provides a unique and authentic perspective. Discussion topics include the different exam options for those getting into cloud, tips on preparing for exams, behind-the-scenes discussion on writing exams, and much more!
Contact Info:
Darren Weiner, Independent AWS cloud consultant
LinkedIn: https://www.linkedin.com/in/darren-weiner/
Website: https://www.cloudbutton.net
Twitter: https://twitter.com/cloudcoffeetalk
Mohamed Malki
email: training @ cloudtrainingacademy.com
References for mentions in this episode:
Links to organizations and their exams:
ISC2:
Cloud Security Alliance (CSA):
Certified Ethical Hacker (CEH)
Offensive Security (OCSP)
AWS Certifications
GCP Certifications
Cisco:
State of Colorado Vet program:
OITs Security Operations Center sees approximately 8.4 million security events each day. The Security Operations team is responsible for evaluating those, using tools and personnel, to determine which might be an indication of an attack underway, versus which can safely be ignored. With that daily volume, more security analysts are needed to monitor and investigate the events, then makes sense for the state of Colorado to employ. As a result, during FY18, OIT implemented a Veterans Transition Program (VTP), which is a paid 9-month internship for veterans with two levels of IT or cybersecurity expertise.
The goal of this program was threefold:
Employ a class of Veterans to help with current cybersecurity needs including monitoring and responding to security events, while they are fulfilling their internship
Help Veterans acquire resume-building cybersecurity skills that would help them find meaningful employment in the cybersecurity field
Create a pipeline of talent to fill cybersecurity positions at the state of Colorado.
This program has been wildly successful in that we have increased our capabilities within our security operations center, and are investigating more security events than we ever have in the past. These Veterans have helped to create standard operating procedures and playbooks to bring efficiencies to how we respond to cybersecurity events. Additionally, OIT has successfully hired 6 or more of these highly skilled Veterans into its cybersecurity program, as full time employees, over the past 3 years.