What is DevSecOps?

What is DevSecOps?

This episode of Techsplainers explores DevSecOps, the practice of integrating security throughout the entire software development lifecycle rather than treating it as an afterthought. The discussion covers how DevSecOps represents a fundamental shift from traditional approaches by making security everyone's responsibility - from developers to operations teams. We explore core principles including ""shifting left,"" automation, and treating security as code. The episode examines implementation practices like security tools integration within CI/CD pipelines and the benefits organizations gain, including faster delivery of secure software and reduced costs. We also address common challenges like cultural resistance and the learning curve that teams face when adopting this approach, while highlighting strategies for successful implementation in today's evolving threat landscape. Find more information at https://www.ibm.com/think/topics/devsecops [https://www.ibm.com/think/topics/devsecops] Find more episodes at https://www.ibm.biz/techsplainers-podcast [https://www.ibm.biz/techsplainers-podcast] Narrated by Derek Robertson

What is identity orchestration?

This episode of Techsplainers explores identity orchestration, a powerful solution for coordinating disparate identity and access management systems across organizations. We explain how modern businesses struggle with fragmented identity landscapes as they adopt numerous SaaS applications and multi-cloud environments. The episode details how identity orchestration platforms create a central control plane that connects all identity tools into a cohesive ""identity fabric,"" enabling seamless workflows without custom coding. Through a practical example of new hire onboarding, we illustrate how orchestration automates complex identity processes. We also examine key use cases including breaking down identity silos across environments, creating custom SSO systems for incompatible applications, modernizing security for legacy systems without code rewrites, and meeting regulatory compliance requirements through improved visibility and access control. Find more information at https://www.ibm.com/think/topics/identity-orchestration [https://www.ibm.com/think/topics/identity-orchestration] Find more episodes at https://www.ibm.biz/techsplainers-podcast [https://www.ibm.biz/techsplainers-podcast] Narrated by Bryan Clark

What is single sign-on (SSO)?

This episode of Techsplainers explores single sign-on (SSO), the authentication approach that lets users access multiple applications with just one login. Building on our previous authentication discussions, we explain how SSO balances security with convenience by eliminating the need for multiple passwords while enabling stronger authentication practices. The podcast walks through how SSO works technically and examines variations including adaptive SSO, federated identity management, and social login options. We also cover the technical standards powering SSO implementations, such as SAML, OAuth, and OpenID Connect. The episode concludes by addressing SSO's potential security risks and explaining why combining it with multi-factor authentication creates an ideal balance of convenience and protection. Find more information at https://www.ibm.com/think/topics/single-sign-on [https://www.ibm.com/think/topics/single-sign-on] Find more episodes at https://www.ibm.biz/techsplainers-podcast [https://www.ibm.biz/techsplainers-podcast] Narrated by Bryan Clark

What is biometric authentication?

This episode of Techsplainers explores biometric authentication, a method of verifying user identity based on who you are rather than what you know or have. Building on our previous discussions of authentication methods, we examine how biometrics offer a compelling alternative to vulnerable passwords by using unique physical characteristics like fingerprints, facial features, and iris patterns. The podcast details both physical and behavioral biometrics, such as typing patterns and gait analysis, while explaining how these systems work. We also discuss multimodal biometric authentication, which combines multiple methods for enhanced security. With stolen credentials among the most common attack vectors, biometric authentication provides organizations with stronger security that's also more convenient for users. Find more information at https://www.ibm.com/think/topics/biometric-authentication [https://www.ibm.com/think/topics/biometric-authentication] Find more episodes at https://www.ibm.biz/techsplainers-podcast [https://www.ibm.biz/techsplainers-podcast] Narrated by Bryan Clark

What is MFA (multifactor authentication)?

This episode of Techsplainers explores multifactor authentication (MFA) as a critical defense against account compromise and identity theft. Building on our previous authentication discussion, we examine how MFA requires multiple types of evidence to verify identity—from something you know (passwords) and something you have (security tokens) to something you are (biometrics) and something you do (behavioral patterns). The podcast explains why using different types of factors provides stronger security than multiple factors of the same type, while highlighting modern implementations like adaptive MFA that adjusts security requirements based on risk assessment. As organizations face increasing threats from compromised credentials, MFA offers a powerful security enhancement that remains effective even if passwords are stolen. Find more information at https://www.ibm.com/think/topics/multi-factor-authentication [https://www.ibm.com/think/topics/multi-factor-authentication] Find more episodes at https://www.ibm.biz/techsplainers-podcast [https://www.ibm.biz/techsplainers-podcast] Narrated by Bryan Clark