Bölümler
-
In this episode, Ashish gets into the critical topic of data perimeters in AWS with our guest, Tyler Warren, a Lead Cloud Security Engineer at USAA. As cloud environments continue to evolve, the importance of securing your data through trusted networks and identities has never been more crucial.
Tyler shares his insights on the challenges and strategies involved in building effective data perimeters, emphasizing the need for a holistic security approach that includes both preventative and detective controls. We explore how concepts like trusted resources, networks, and identities play a pivotal role in safeguarding your cloud infrastructure and why these elements should be at the core of your security strategy. Join us as we discuss practical steps for implementing and managing data perimeters, the significance of understanding your zones of trust, and how to scale your security measures as your cloud footprint grows.
Guest Socials: Tyler's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:28) A bit about Tyler
(04:22) Data Perimeter in Cloud Security
(08:18) Why was there a need to look into data perimeter?
(09:39) Should people look at data perimeter from the beginning?
(12:16) Starting point for data perimeter
(15:42) Defining boundaries of Zone of Trust
(21:25) Data perimeter in hybrid environments
(24:47) Challenges in setting up data perimeter
(31:31) Should you start in dev, test or prod?
(34:55) How often should you review your SCPs?
(36:05) What Skillsets does the team need?
(37:26) Are Data Perimeters Developer Friendly?
(40:06) Technical challenges with detective and preventative controls
(42:14) Getting stakeholders onboard
(46:56) Levels of maturity for data perimeter strategy
(49:30) The Fun Section
Resources spoken about during the interview:
AWS Data Perimeter at USAA: Things we knew, things we thought we knew and things you should know!
-
In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukasz, also a speaker coach at BlackHat USA, brings valuable insights into what it takes to shift from being technical to managing compliance, governance, and broader security programs in industries like retail and advertising.
Throughout the conversation, we dive into the specific challenges of transitioning from a purely cloud-based tech company to a bricks-and-mortar retail operation, highlighting how the threat models differ dramatically between these environments. Lukasz shares his unique perspective on cybersecurity frameworks like NIST CSF 2.0, essential for building resilient programs, and offers practical advice for selecting the right framework based on your organization's needs.
Guest Socials: Lukasz's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:00) A bit about Lukasz
(04:32) Security Challenges for Tech First advertising company
(05:16) Security Challenges for Retail Industry
(06:00) Difference between the two industries
(07:01) Best way to build Cybersecurity Program
(09:44) NIST CSF 2.0
(13:02) Why go with a framework?
(16:26) Which framework to start with for your cybersecurity program?
(18:33) Technical CISO vs Non Technical CISO
(25:37) The Fun Section
Resources spoken about during the interview:
NIST CSF 2.0
CIS Benchmark
ASD Essential Eight
Mapping between the frameworks
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-nist-csf-2-0
https://www.cisecurity.org/insights/white-papers/cis-controls-v8-mapping-to-asds-essential-eight
Verizon Data Breach Investigations Report (DBIR)
Lukasz Woodwork Channel
BSides Melbourne
-
Eksik bölüm mü var?
-
What is the future of SOC? In this episode Ashish sat down with Allie Mellen, Principal Analyst at Forrester, to explore the current state of security operations and the evolving role of AI in cybersecurity. Allie spoke about why Cloud Detection Response (CDR) might be dead, how Generative AI is failing to live up to its hype in security use cases, and why automation will never fully replace human security analysts.
We get into the challenges faced by SOC teams today, the burnout issue among security analysts, and how adopting detection engineering and eliminating the outdated structures could transform the way security teams operate.
Guest Socials: Allie's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:48) A bit about Allie
(03:13) The role of analysts in cybersecurity
(05:56) What is EDR?
(06:30) What is XDR?
(08:42) The impact of GenAI
(10:19) How is GenAI going to impact SOAR?
(14:52) Where to start with SOC?
(24:08) Starting to build your SOC team
(27:32) How SOC should respond to new technology?
(31:48) Expectations from Managed SOC providers
(35:16) Detection challenges for Hybrid Environments
(38:01) Level 2 and 3 SOC in new world
(42:37) What training is required for the SOC team?
(48:49) How will this space evolve?
(51:48) The Fun Questions
Resources spoken about during the interview:
Cloud Detection and Response Tools Do Not Exist
-
In this episode Ashish Rajan sits down with Shashwat Sehgal, co-founder and CEO of P0 Security, to talk about the complexities of cloud identity lifecycle management. Shashwat spoke to us about why traditional identity solutions like SAML are no longer sufficient in today’s cloud environments. He discusses the need for organisations to adopt a more holistic approach to secure access across cloud infrastructures, addressing everything from managing IAM roles to gaining complete visibility and inventory of all cloud identities.
This episode goes into the growing challenges around managing human and non-human identities, and the importance of shifting from legacy solutions to cloud-native governance.
Guest Socials: Shashwat's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:47) A bit about Shashwat
(02:20) What is Identity Lifecycle Management?
(04:55) What is IGA and PAM?
(10:10) Complexity of Identity Management
(13:12) What are non human identities?
(15:56) Maturity Levels for Cloud Identity Lifecycle Management
(19:03) The role of SAML in Identity Management
(20:07) Identity Management of Third parties and SaaS Providers
(21:28) Who’s responsible for identity management in Cloud?
(23:28) Changing landscape of identity management
(27:46) Native Solutions for identity management
(30:03) Fun Questions
-
In this episode of the Cloud Security Podcast, Ashish sat down with Art Poghosyan, CEO and co-founder of Britive, to explore the changing world of identity and access management (IAM) in the cloud era. With over two decades of experience in the identity space, Art breaks down the challenges of traditional Privileged Access Management (PAM) and how cloud-native environments require a rethinking of security strategies.
From understanding the complexities of cloud infrastructure entitlements to unpacking the differences between on-premise and cloud-based PAM, Art explains why "Identity is the new perimeter" and how modern organizations must adapt. They dive deep into the importance of Just-in-Time (JIT) access, non-human identities, and the critical role identity plays as the first and last line of defense in cloud security.
Guest Socials: Art's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:53) A bit about Art
(02:51) What is IAM?
(04:02) What is Cloud Privilege Access Management?
(06:08) Why do we need CloudPAM in 2024?
(07:52) Non Human Identities
(08:39) Privilege in Cloud vs On Premise
(09:49) SAML vs PAM
(12:21) Just in Time provisioning in Cloud
(17:17) Making Access Management Developer Friendly
(19:12) What should security team be looking at ?
(21:22) Communicating IAM vulnerabilities
(23:45) Tactical steps to level up IAM
(27:20) Zero Trust and IAM
(30:56) Fun Questions
-
Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find out vulnerabilities, improve detection tools, and safeguard data.
Guest Socials: Scott's Linkedin + Scott's Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:07) A bit about Scott Piper
(02:48) What is a Cloud Security Research Team?
(04:30) Difference between traditional and Cloud Security Research
(07:21) Cloud Pentesting vs Cloud Security Research
(08:10) What is request collapsing?
(10:26) GitHub Actions and OIDC Research
(13:47) How has cloud security evolved?
(17:02) Tactical things for Cloud Security Program
(18:41) Impact of Kubernetes and AI on Cloud
(20:37) How to become a Cloud Security Researcher
(22:46) AWS Cloud Security Best Practices
(26:35) Trends in AWS Cloud Security Research
(28:11) Fun Questions
(30:22) A bit about fwd:cloudsec
Resources mentioned during the interview:
Wiz.io - Cloud Security Podcast listeners can also get a free cloud security health scan
PEACH framework
Wiz Research Blog
Avoiding security incidents due to request collapsing
A security community success story of mitigating a misconfiguration
Cloudmapper
flaws.cloud
fwd:cloudsec
CTFs
The Big IAM Challenge
Prompt Airlines , AI Security Challenge
Kubernetes LAN Party
-
How does Edge Security fit into the future of Cloud Protection ? In this episode, we sat down with Brian McHenry, Global Head of Cloud Security Engineering at Check Point at BlackHat USA, to chat about the evolving landscape of cloud security in 2024. With cloud adoption accelerating and automation reshaping how we manage security, Brian spoke to us about the challenges that organizations face today—from misconfigurations and alert fatigue to the role of AI in application security.
We tackle the question: Is CSPM (Cloud Security Posture Management) still enough, or do we need to rethink our approach? Brian shares his thoughts on edge security, why misconfigurations are more dangerous than ever, and how automation can quickly turn small risks into significant threats.
Guest Socials: Brian's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:28) State of Cloud Market
(04:44) Is CSPM not enough?
(06:35) Edge Security in Cloud Context
(08:31) Where is edge security going?
(10:11) Where to start with Cloud Security Tooling?
(11:08) Transitioning from Network Security to Cloud Security
(13:11) How is AI Changing Edge Security?
(14:45) How is WAF and DDos Protection evolving?
(18:16) Should people be doing network pentest?
(19:57) North Star for WAF in a cybersecurity program
(20:55) The evolution to platformization
(23:13) Highlight from BlackHat USA 2024
-
How CI/CD Tools can expose your Code to Security Risks? In this episode, we’re joined by Mike Ruth, Senior Staff Security Engineer at Rippling and returning guest, live from BlackHat 2024. Mike dives deep into his research on CI/CD pipeline security, focusing on popular tools like GitHub Actions, Terraform, and Buildkite. He reveals the hidden vulnerabilities within these tools, such as the ability for engineers to bypass code reviews, modify configuration files, and run unauthorized commands in production environments.
Mike explains how the lack of granular access control in repositories and CI/CD configurations opens the door to serious security risks. He shares actionable insights on how to mitigate these issues by using best practices like GitHub Environments and Buildkite Clusters, along with potential solutions like static code analysis and granular push rule sets. This episode provides critical advice on how to better secure your CI/CD pipelines and protect your organization from insider threats and external attacks.
Guest Socials: Mike's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introductions
(01:56) A word from episode sponsor - ThreatLocker
(02:31) A bit about Mike Ruth
(03:08) SDLC in 2024
(08:05) Mitigating Challenges in SDLC
(09:10) What is Buildkite?
(10:11) Challenges observed with Buildkite
(12:30) How Terraform works in the SDLC
(15:41) Where to start with these CICD tools?
(18:55) Threat Detection in CICD Pipelines
(21:31) Building defensive libraries
(23:58) Scaling solutions across multiple repositories
(25:46) The Fun Questions
Resources mentioned during the call:
GitHub Actions
Terraform
Buildkite
Mike's BSidesSF Talk
-
In this episode of the Cloud Security Podcast, we bring together an incredible panel of experts to explore the evolving landscape of cloud security in 2024. Hosted by Ashish Rajan, the discussion dives deep into the challenges and realities of today’s multi-cloud environments. With perspectives ranging from seasoned veterans to emerging voices this episode offers a broad spectrum of insights from cloud security practitioners who are living and breathing cloud security everyday. We are very grateful to our panelist who took part in 1st of its kind edition for the State of Cloud Security - Meg Ashby, Damien Burks, Chris Farris, Rich Mogull, Patrick Sanders, Ammar Alim and Abdie Mohamed.
The conversation covers essential topics such as the pitfalls of multi-cloud adoption, the persistent security issues that remain even as cloud technologies advance, and the importance of specializing in one cloud platform while maintaining surface-level knowledge of others. The panelists also share their thoughts on the future of cloud security, including the increasing relevance of Kubernetes and edge security.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:22) How much has Cloud Security Changed?
(07:05) Is the expectation to be MultiCloud?
(19:07) What’s top of mind in Cloud Security in 2024?
(27:17) The current Cloud Service Provider Landscape
(39:26) Where to start in Cloud Security ?
(52:10) The Fun Section
Resources discussed during the episode:
fwd:cloudsec conference
Cloud Security Bootcamp
DevSecBlueprint YouTube Channel - Damien Burks
Rich Mogull’s Cloud Security Lab of the Week
-
What were the main themes at BlackHat USA 2024? With respect to Cloud Security, maybe with a sprinkle of AI Security. Our team was on the ground at BlackHat and DefCon32 this year, we heard many talks and panels, spoke to many practitioner, leaders and CISOs and had the pleasure of recording some great interviews (coming soon!). This conversation is a distillation of everything we heard and the themes we saw.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:15) A word from our episode sponsor, ThreatLocker
(04:35) Resiliency in Cybersecurity
(07:00) Commentary on upcoming US elections
(09:42) Identity Centric Security
(15:55) Cloud Security is getting more Complex
(23:47) Growing importance of Data Security
(25:42) Use Cases for AI Security
(31:25) Shared Responsibility and Shared Fate
(33:21) Is CSPM Dead?
(37:32) The Conclusion
Resources from the episode:
BlackHat USA Keynote - Democracy's Biggest Year: The Fight for Secure Elections Around the World
Generative AI Misuse: A Taxonomy of Tacticsand Insights from Real-World Data
RSAC 2024 Innovation Sandbox Finalist
BlackHat USA 2024 Startup Spotlight
-
In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies. Santiago shares his experience transitioning from penetration testing to incident response and highlights the unique challenges that come with protecting a rapidly expanding organization.
We explore the differences between incident response in high-growth versus established companies, the importance of having the right personnel, and the critical skills needed for effective incident response.
Guest Socials: Santiago's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:58) A word from our sponsor - SentinelOne
(02:48) A bit about Santiago
(03:18) What is Incident Response?
(04:06) How IR differs in different organisations?
(04:48) Red Team vs Incident Response Team
(06:17) Challenges for Incident Response in Cloud
(07:16) Incident Response in a High Growth Company
(07:56) Skillsets required for high growth
(09:14) Cloud vs On Prem Incident Response
(10:03) Building Incident Response in High Growth Company
(11:39) Responding to incidents that are not high risk
(14:41) Transition from pentesting to incident responder
(17:20) Endpoint vulnerability management at scale
(25:32) The Fun Section
Resources from the episode:
Endpoint Vulnerability Management at Scale
-
Leadership Insights on Cloud Security in 2024. Ashish sat down with return guest Srinath Kuruvadi, a seasoned cloud security leader with over two decades of experience in the field. Together, they explored the current state and future of cloud security, discussing the importance of detection & incident response teams, building and maintaining a robust cloud security program, understanding the importance of stakeholder management, and the role of data security in mitigating risks. Srinath shared his perspective on the evolution of cloud security, the critical need for a prevention-first mindset while tackling the challenges of managing security in a multi-cloud environment
Guest Socials: Srinath's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:42) A bit about Srinath
(01:55) How has the Cloud Security space changed?
(05:27) Are CloudSec and AppSec merging?
(06:29) Are stakeholders more engaged with Cloud Security?
(08:10) Where are the boundaries for Cloud Security?
(10:06) Finding the right talent in Cloud Security
(12:31) Building a Multi Cloud Security Team
(15:06) The role of platform teams
(16:45) Maturity level for Cloud Security
(19:18) Current patterns in Cloud Security
(22:03) What should CSPs be taking more about?
-
What are you doing differently today that you're stopping tomorrow's legacy? In this episode Ashish spoke to Adrian Asher, CISO and Cloud Architect at Checkout.com, to explore the journey from monolithic architecture to cloud-native solutions in a regulated fintech environment. Adrian shared his perspective on why there "aren't enough lambdas" and how embracing cloud-native technologies like AWS Lambda and Fargate can enhance security, scalability, and efficiency.
Guest Socials: Adrian's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:59) A bit about Adrian
(02:47) Cloud Naive vs Cloud Native
(03:54) Checkout’s Cloud Native Journey
(05:44) What is AWS Fargate?
(06:52) There are not enough Lambdas
(09:52) The evolution of the Security Function
(12:15) Culture change for being more cloud native
(15:23) Getting security teams ready for Gen AI
(18:16) Where to start with Cloud Native?
(19:14) Where you can connect with Adrian?
(19:39) The Fun Section
-
How to secure AWS cloud using AWS Lambda? We spoke to Lily Chau from Roku at BSidesSF about her experience and innovative approach to tackling security issues in AWS environments. From deploying IAM roles to creating impactful playbooks with AWS Lambda, Lily shared her take on automating remediation processes. We spoke about the challenges of managing cloud security with tools like CSPM and CNAPP, and how Lily and her team took a different approach that goes beyond traditional methods to achieve real-time remediation.
Guest Socials: Lily Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:56) A bit about Lily
(02:27) What is Auto Remediation?
(03:56) Example of Auto Remediation
(05:19) CSPMs and Auto Remediation
(06:58) Make Auto Remediation in Cloud work for you
(09:49) Where to get started with Auto Remediation?
(11:52) What defines a High Impact Playbook?
(12:58) Auto Remediation for Lateral Movement
(14:35) What is running in the background?
(16:41) What skillset is required?
(19:08) The Fun Section
Resources for the episode:
Lily's talk at BsidesSF
-
How can you protect your data with Confidential Compute and Containers? Ashish spoke to Zvonko Kaiser, Principal Systems Software Engineer, Confidential Containers and Kubernetes at Nvidia about confidential containers, confidential computing, and their importance in protecting sensitive data. They speak about the various threat models, use cases, and the role of GPUs in enhancing compute power for AI workloads
Guest Socials: Zvonko's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:45) A word from our sponsor SentinelOne
(02:18) A bit about Zvonko
(02:24) Encryption for Confidential Computing
(04:20) Confidential Computing vs Confidential Containers
(05:45) What sectors focus on Confidential Computing?
(07:09) Common Threats in Confidential Computing
(08:55) What is a Secure Enclave?
(10:05) Value of Attestation for Confidential Computing
(11:35) Lift and Shift Strategy for AI
(13:59) The role of GPU in confidential Computing
(15:37) Shared Responsibility with Confidential Computing
(17:10) Confidential Computing project you can get involved in
(18:16) The fun section
-
How to implement infrastructure as code? Ashish spoke to Armon Dadgar. Co-Founder and CTO at HashiCorp at Hashidays London. Armon speaks about his journey from co-creating Terraform, the first open-source language in the IaC space, to addressing the complex challenges enterprises face in cloud environments today. They speak about why having a platform team from the beginning is crucial for large enterprises, the evolution of IaC, the importance of standardization in managing cloud applications, and how automation plays a key role in maintaining security.
Guest Socials: Armon's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
00:00 Introduction
01:54 A bit about Armon
02:32 How has infrastructure as code evolved?
03:43 The role of Terraform
04:38 Infrastructure and Security Lifecycle Management
06:51 Best Practice for Infrastructure Lifecycle Management
09:11 Best Practice for Security Lifecycle Management
09:38 What is a Platform Team?
11:02 When should people start thinking about a platform team?
13:02 What is Zero Trust?
14:52 Challenges with IaC
17:35 How GenAI is impacting IaC?
20:04 Starting an open source project?
24:53 The Fun Section
-
What is the future of AI Security and Data Protection? At AWS re:Inforce in Philadelphia this year, Ashish spoke to Dan Benjamin, Head of Data, Identity and AI Security at Prisma Cloud about the new category of AI-SPM (Artificial Intelligence Security Posture Management) and why does it fit within all the other toolings organisations have. They spoke about the importance of building an AI and data inventory, understanding AI access, and the critical role of DSPM (Data Security Posture Management) in creating effective AI security controls.
Guest Socials: Dan's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
00:00 Introduction
02:09 A bit about Dan
02:29 What is AISPM?
03:16 How should CISOs tackle AI Security?
06:16 Right Controls around AI Services
07:32 AISPM vs CSPM
09:52 The role of DSPM
10:25 Tackling data security in world of AI
13:28 Maturity Curve for CISOs to consider
16:36 Security Teams for AI Security
19:51 The Fun Section
-
Can Threat Detection be enhanced with AI? Ashish sat down with Dave Johnson, Senior Threat Intelligence Advisor at Feedly, at BSides SF 2024, where Dave also presented a talk.
Dave shares his journey in cyber threat intelligence, including his 15-year career with the FBI and his transition to the private sector. The conversation focuses on the innovative use of large language models (LLMs) to create Sigma rules for threat detection and the challenges faced along the way. Dave spoke about his four approaches to creating Sigma rules with AI, ultimately highlighting the benefits of prompt chaining and Retrieval Augmented Generation (RAG) systems.
Guest Socials: Dave's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:44) A word for our episode sponsor, Panoptica
(02:39) A bit about Dave Johnson
(03:33) What are Sigma Rules?
(04:36) Where to get started with Sigma Rules?
(05:27) Skills required to work with Sigma Rules
(06:32) The four approaches Dave took to Sigma Rules
(11:29) Are Sigma Rules complimentary to existing log systems?
(12:18) Challenges Dave had during his research
(14:09) Validating Sigma Rules
(16:01) Working on Sigma Rule Projects
(18:54) The Fun Section
Resources spoken about during the episode:
Dave's Website
SigmaHQ GitHub
-
How can AI impact Cloud Security Operations? Ashish sat down with Ely Kahn, VP of Cloud Security and AI at SentinelOne to talk about the evolving landscape of cloud security and the future of Security Operations Centers (SOC). Ely spoke about the shift from centralized to decentralized SOC operations, the increasing complexity in cloud security and its benefits.
Guest Socials: Ely's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:10) A bit about Ely
(02:47) Has Cloud Security become simpler or more complex?
(05:09) How has the threat landscape for cloud evolved?
(08:00) Who is managing all the alerts?
(09:53) What will happen to SOAR?
(11:03) How AI will impact Cloud Security in 2024?
(18:36) Is there a skillset change coming?
(20:06) The Fun Section
-
Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes security and why sometimes traditional Cloud Security Posture Management (CSPM) falls short in a Kubernetes-centric world.
We speak about the significance of behavioural baselining, the limitations of signature-based detection, the role of tools like eBPF in enhancing real-time security measures and the importance of proactive security measures and the need for a paradigm shift from reactive alert-based systems to a more silent and efficient operational model.
Guest Socials: Jimmy's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:12) A bit about Jimmy Mesta
(03:48) What is Cloud Native Security?
(05:15) How is Cloud Native different to traditional approach?
(07:37) What is eBPF?
(09:12) Why should we care about eBPF?
(11:51) Separating the signal from the noise
(13:48) Challenges on moving to Cloud Native
(15:58) Proactive Security in 2024
(17:02) Whose monitoring Cloud Native alerts?
(23:10) Getting visibility into the complexities of Kubernetes
(24:24) Skillsets and Resources for Kubernetes Security
(27:54) The Fun Section
Resources spoke about the during the interview:
OWASP Kubernetes Top Ten
- Daha fazla göster
