#12 DevOps and SecOps

February 13, 2026 · 01:25:49 · Krisztian Fischer & Toby Sears

Spotify Apple Podcasts YouTube

Show Notes

In this episode, Toby and Krisztian take a deep look at DevOps and SecOps: where the ideas came from, what they were supposed to mean, how they got warped by the industry, and what good looks like in practice. They cover the waterfall origins of ops as a separate team, the shift-left movement, the build-it-you-run-it principle, why DevOps as a job title makes no sense, platform engineering, and how security is going through the same transformation. They also cover common anti-patterns, DORA metrics, how to get buy-in for a transformation, and what it looks like when it works at scale.

https://techleaguepodcast.com/

LinkedIn: https://www.linkedin.com/company/techleague-podcast/

Instagram: https://www.instagram.com/techleaguepodcast/

Apple Podcasts: https://podcasts.apple.com/us/podcast/tech-league/id1852602975

Spotify: https://open.spotify.com/show/1zx8UIe2EjawuVU3I31fdP

Chapters

0:00 Introduction

0:28 What DevOps was actually supposed to mean

1:57 The waterfall origins: why ops and dev were separate

5:45 Full stack and the rise of the developer-operator

8:40 Why the old model produced poor software quality

11:04 The move to agile and SaaS changed everything

14:15 DevOps as a term: what went wrong

16:08 Platform engineering: the natural next step

21:00 Breaking down the dev vs ops cultural divide

25:47 Real-world example: 10x performance improvement through shared ownership

30:29 Security is going through the same transformation

32:49 Shifting security left: from IDE to CI/CD pipeline

37:02 Reachability scanning and avoiding false positives

40:25 The strangler pattern for security posture improvement

43:34 SecOps as enablers, not gatekeepers

45:34 Common DevOps anti-patterns

53:48 Four-eyes principle done right vs done as Jira ping-pong

1:00:00 DORA metrics: how to measure if your DevOps is working

1:05:39 Management buy-in: why it matters and why it's hard

1:11:43 Real transformation stories

1:20:00 Internal platforms and giving teams real autonomy

Technologies Mentioned

Kubernetes - https://kubernetes.io

AWS - https://aws.amazon.com

Grafana Cloud - https://grafana.com/products/cloud

Checkov - https://www.checkov.io

GitHub Actions - https://github.com/features/actions