Robert Slaughter, Michaela Flatau, Rebecca Lively and Luke Shabro
Welcome to Defense Unicorns, A Podcast for mission focused innovators. We educate, inform, and provide mission heroes with DevSecOps, cybersecurity, and organiz...
On this episode of The Defense Unicorns Podcast, the question isn’t just how to deliver software—it’s how to do it faster, safer, and smarter. According to Bryan Finster Distinguished Engineer at Defense Unicorns, the answer isn’t in rigid frameworks or bloated processes but in embracing continuous delivery, shortening feedback loops, and eliminating the bureaucratic roadblocks that hold teams back. Host Rebecca Lively sits down with Bryan to debunk DevSecOps’ myths, tackle the frustrations of “Agile theater,” and explore why real software success comes from a culture of ownership, not just following a set of rules.Bryan makes a compelling case that rigid processes, review boards, and bureaucratic bottlenecks don’t make software safer—they make it fragile. He argues that adaptability is the real key to security, and that organizations clinging to outdated waterfall-style contracts are setting themselves up for failure. Drawing on experiences from Walmart’s supply chain to government defense systems, he explains how fostering a culture of ownership, feedback, and accountability leads to better outcomes—not just for users, but for the engineers who build the systems.If you’re tired of buzzwords and top-down mandates that miss the mark, this conversation will hit home. Bryan isn’t just here to talk about DevSecOps—he’s here to challenge the way you think about software, leadership, and even history. Whether you want to deliver better software or just hear an unfiltered take on why Agile often fails in practice, this episode is worth a listen.Key Quote:“ The goal we have is number one, I need to be able to respond to the realities of what's happening in production as quickly as possible safely. I don't want to be making up ways to. Make change, I don't want to be cowboying change in when something's going wrong in production, either with security breach or functional problems or whatever it is, then I don't want to be throwing gasoline on a fire at three o'clock in the morning. I need to be able to recover from what's currently occurring as quickly and safely as possible. So operational responsiveness is key. The other part is, if I'm building something new, software development is not the same as building a car. Unless you think of it as designing the car we're going to build. We're prototyping everything all the time. And the bigger the thing is that we deliver. The more wrong is in that prototype. And so it's not about speed. It's about feedback.”Bryan FinsterTime Stamps:(01:39) Balancing Speed and Safety in DevOps(03:53) The Role of Feedback in Software Development(12:35) The Power of Feedback and Continuous Improvement(18:35) Understanding Conway's Law(23:55) Building a Strong Engineering Community(28:26) DevOps and Quality Assurance(33:48) Being Agile in High-Risk Environments(40:13) Lightning RoundLinks:Connect with Bryan FinsterConnect with Rebecca LivelyLearn More About Defense Unicorns
--------
45:01
Building Trust and Security in the DoD: A DevSecOps Perspective
DevOps, culture, and the battlefield converge in this compelling episode of Defense Unicorns as host Rebecca Lively speaks with Dr. Noe Lorona, a platform engineer at the Army Software Factory. Together, they explore the nuances of DevSecOps, unraveling its critical role in the defense sector, where software isn’t just a tool but a lifeline. Dr. Lorona delves into how the Department of Defense has elevated security to the forefront, embedding it into every phase of the development process to ensure reliable and secure systems that protect both lives and missions.Beyond the technical jargon, this episode shines a light on the human side of DevSecOps. Dr. Lorona emphasizes trust, transparency, and a blameless culture as the foundation of agile teams that thrive under pressure. From the necessity of shifting security left to fostering psychological safety in hierarchical environments, his insights offer a roadmap for cultivating innovation in even the most complex and high-stakes organizations.If you’re passionate about the intersection of technology, leadership, and national defense, this episode is a must-listen. Dr. Lorona and Rebecca Lively bring the mission of Defense Unicorns to life: showcasing thought leaders and experts driving transformational change in DevSecOps. Whether you're in the DoD or simply curious about the future of secure and agile software development, this conversation will leave you inspired and informed.Key Quote: “ DevOps is not about the tools. DevOps is, it's the way that we work together, the way that we accomplish things. And. A funny thing, I actually say DevOps as a way of life. When they say, well, what is DevOps? I say, it's a thing you live by. It's the thing you show up to do. It's not a thing. It's not an object. It's a culture. It's the thing you live to do. It's a reason why we wake up so we can go do the DevOps.”Dr. Noe LoronaTime Stamps:(00:26) DevOps vs DevSecOps: What's the Difference?(03:53) Implementing DevOps in the Department of Defense(06:05) Building a Blameless Culture in the Military(14:21) Education in DevOps(24:47) Bringing Open Source Software in the DoD(30:07) Future of DevOps: Exciting Trends(30:42) Community and Collaboration in DevOps(42:07) Career Advice for Aspiring Developers(43:43) Sci-Fi Tech and FuturismLinks:Connect with Dr. Noe LoronaLearn more about Army Software FactoryConnect with Rebecca LivelyLearn more About Defense Unicorns
--------
48:37
Inside Cyber Defense: Col. Sean Kern on Building Agile, Secure Teams
In this episode, Defense Unicorns welcomes Col. Sean Kern, the Director of Cyberspace Operations Strategy at SAIC, who brings experience in military and cybersecurity strategy. Kern shares his journey from military service to civilian leadership, sharing the unique challenges and adjustments required in the transition. He discusses how his military background shaped his understanding of systems and software engineering and how essential it is to cultivate a resilient and adaptable culture in any DevSecOps team. Kern emphasizes that trust, humility, and continuous learning are cornerstones for building high-performing cybersecurity operations, both in the military and private sectors.The conversation dives deep into automation and the role of human judgment in high-stakes cybersecurity decisions. Kern puts a focus on a balanced approach, where automation speeds up processes without sacrificing the critical oversight humans provide. His thoughts on combating biases within AI and ensuring ethical applications of automation highlight the importance of strategic human involvement. His perspective illustrates how both tech innovation and human expertise are essential to adapting cybersecurity practices for dynamic challenges.Kern also addresses the structural complexities of coordinating cybersecurity operations across military branches. He explores the need for a more unified organizational framework that could enhance operational readiness and efficiency in cyber operations. Drawing from his experience, Kern advocates for a strategic, flexible, and consistent approach to cybersecurity management, emphasizing that speed and adaptability are key to staying ahead of potential threats in today's world.Key Quote:“Culture is going to happen whether you do it or not. Like that's the scary part. It's going to exist. You know, if it's left to its own devices, then if you get anything good out of it, that's pure chance. That's pure luck and we don't need to fight China on pure chance or pure luck. So we need to be deliberate about the culture we put in place.”Col. Sean KernTime Stamps:(00:32) Sean Kern's Military Background(06:42) Transitioning from the Military to the Private Sector(11:47) Building Effective Teams and Organizations(19:59) The Importance of Culture(28:24) Automation vs. Human Accuracy(34:50) Organizational Design for Cyber Operations(49:14) Lightning RoundLinks:Connect with Col. Sean KernLearn More About SAICConnect with Rebecca LivelyLearn More About Defense Unicorns
--------
52:27
From Code to Combat: The Tech Transforming the DoD
In this episode of The Defense Unicorns Podcast, we’re joined by Collen Roller, Founder of Dark Saber, as he shares his journey of innovation within the U.S. Air Force. From his work in Natural Language Processing (NLP) to mentoring airmen on developing applications using outdated systems, Collen’s story highlights perseverance and creativity. Discover how Dark Saber has empowered airmen to build production-ready software, transforming their operational efficiency.We explore the transformative potential of generative AI in defense, including its ability to automate tasks like paperwork and coding, enhancing productivity. Collen also introduces Nipper GPT, an AI tool tailored for DoD networks that bridges information gaps through conversational interfaces, pushing the boundaries of data access within military environments.Looking to the future, Collen discusses exciting advancements like Retrieval Augmented Generation (RAG) and multi-agent AI architectures, poised to revolutionize military data interactions. As he reflects on the importance of passion and community in driving change, this episode showcases Collen’s commitment to modernizing defense technology through innovation.Key Quote: “I think that people need to realize that these tools are for their benefits and they need to get involved in using them today to enhance their performance and workflow because if you're not using them, you're being slow.”-Collen Roller, Founder of Dark SaberTime Stamps:(00:00) DoD Software and Conversational Systems(11:28) Future of AI in Military Operations(17:05) Future Developments in Artificial Intelligence(34:38) Revolutionizing Software Development in DoD(44:21) Driving Change in DoD Through PassionLinks:Learn more about Dark SaberConnect with CollenConnect with Luke
--------
45:23
Keeping Open Source Software Secure with Eddie Zaneski
This week on, Defense Unicorns Podcast we welcome Eddie Zaneski, the tech lead for open source here at Defense Unicorns, who takes us through his fascinating career journey from aspiring math teacher to a key player in the tech industry. Eddie shares his experiences transitioning into computer science, his passion for developer relations, and his significant contributions to the Kubernetes project. We dive into the evolution of software deployment, from bare metal servers to virtual machines and containers, and how Kubernetes has become essential in managing large-scale containerized applications. Eddie also reflects on his time at DigitalOcean, Amazon, and ChainGuard, highlighting his work on software supply chain security projects like Protobomb and Sigstore.Our conversation then turns to the security of open-source communities, challenging the misconception that open-source software is less secure than its closed-source counterparts. Eddie discusses the advantages of transparency in open source, using the XZ library's recent security breach as a case study to emphasize the importance of trust and identity verification. We also explore the potential for similar vulnerabilities in closed-source projects and the growing importance of supply chain security measures, including building integrity and software bills of materials (SBOM). The episode concludes with a thought-provoking discussion on the benefits of transparency in open source and whether proprietary software incidents would be as openly shared or understood.Eddie shares his enthusiasm for leveraging government funding to support open-source projects. He expresses his excitement about engaging with soldiers, airmen, and guardians to understand their challenges and explore open-source solutions. We also touch on innovative tools for air-gapped environments, like Zarf, and their applications across various industries. Listen in as Eddie recounts his experiences at Bravo hackathons, the unique challenges faced by developers in constrained environments, and offers valuable career advice for those passionate about open source and software development.Key Quote“There's lots of misconceptions and I'm sure you and I can talk about all of them. One of the big ones is, just. It's less secure, right? that's a massive myth. Open source security is less secure because all the code is in the open and everyone can go find the holes and generally quite the opposite actually, because the code is in the open, everyone can do their own audits and everyone can see what's happening under the covers of the magic box that you usually can't peer into with proprietary software. We have entire teams of like security. So the Kubernetes project is divided up into special interest groups or SIGs. So we have SIGs for security, we have a product security council and committee that is the incident response people for when there is a new CVE or a bug found, and all sorts of different types of things that are just tailored around security.”-Eddie ZaneskiTime Stamps:(00:02) Kubernetes and Open Source Evolution(08:17) Security in Open Source Communities(20:43) Software Bill of Materials for Cybersecurity(24:04) Exploring Defense Unicorns and Open Source(31:43) Navigating Careers in Open Source(42:25) Breaking Barriers in Defense Innovation(46:42) Collaborating for Defense Open SourceLinksConnect with Eddie
Welcome to Defense Unicorns, A Podcast for mission focused innovators. We educate, inform, and provide mission heroes with DevSecOps, cybersecurity, and organizational transformation stories from the world's leading problem solvers. Join our hosts Rob Slaughter, Michaela Flatau, Rebecca Lively and Luke Shabro on this journey building connections across the the defense community.
UK