Podcast Cloud Security terbaik (2024)

1
EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators 30:32

3d ago30:32

30:32

Guest: Phil Venables, Vice President, Chief Information Security Officer (CISO) @ Google Cloud Topics Why is our industry suddenly obsessed with resilience? Is this ransomware’s doing? How did the PCAST report come to be? Can you share the backstory and how it was created? The PCAST report emphasizes the importance of leading indicators for securit…

1
63-Talking Cloud Podcast-Part 2 with Cal Jeffrey, 30-year Cybersecurity Professional 32:06

1d ago32:06

32:06

In another two-part episode, I sit down with a long-time cybersecurity professional and personal friend, Cal Jeffrey. We first met in 1998 when we were both at Check Point Software. We've remained great friends and have collaborated multiple times. I affectionately call him my personal SMEE—subject matter expert on everything! Joking aside, Cal is …

1
Centralized VPC Endpoints - Why It Works for AWS Networking 48:41

9d ago48:41

48:41

In this episode, Meg Ashby, a senior cloud security engineer shares how her team tackled AWS’s centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned this unconventional approach into a cost-efficient and scalable solution, all while maintaining granular controls and network visibility. She shares …

1
EP03 Ryan Chapman - From Software Cracking to Threat Hunting: A Reverse Engineering Story 53:02

15d ago53:02

53:02

Join us as I sit down with renowned threat hunter, Ryan Chapman. Ryan shares his incredible journey from a curious young hacker to a formidable force in cybersecurity. Discover how his early fascination with software cracking ignited a passion for reverse engineering, ultimately leading him to the front lines of cyber defense. In this conversation,…

1
AI's Identity Revolution: Securing Disconnected Apps and Eliminating Human Error with Bel Lepe 25:52

15d ago25:52

25:52

Bel Lepe Reveals How AI Reduces Security Risks By Removing the Human Element In this episode of Cyber Sentries, host John Richards is joined by Bel Lepe, Co-founder and CEO of Cerby, to explore how removing the human factor through automation can dramatically decrease an organization's attack surface. John and Bel dive into the transformative poten…

1
63-Talking Cloud Podcast-Part 1 with Cal Jeffrey, 30-year Cybersecurity Professional 24:36

1d ago24:36

24:36

In another two-part episode, I sit down with a long-time cybersecurity professional and personal friend, Cal Jeffrey. We first met in 1998 when we were both at Check Point Software. We've remained great friends and have collaborated multiple times. I affectionately call him my personal SMEE—subject matter expert on everything! Joking aside, Cal is …

1
62-Talking Cloud Podcast-Part 2 with Todd Beebe, Information Security Officer, Entrepreneur and Investor 32:20

10d ago32:20

32:20

Part 2 My special guest on episode 62 (in two parts) is a long-time Information Security Executive, entrepreneur, and investor. Todd Beebe cut his teeth in the industry attempting to find his way into other people's systems and networks but turned those skills into a long and successful career bolstering and protecting systems and networks. It was …

1
62-Talking Cloud Podcast-Part 1 with Todd Beebe, Information Security Officer, Entrepreneur and Investor 30:25

10d ago30:25

30:25

Part 1 My special guest on episode 62 (in two parts) is a long-time Information Security Executive, entrepreneur, and investor. Todd Beebe cut his teeth in the industry attempting to find his way into other people's systems and networks but turned those skills into a long and successful career bolstering and protecting systems and networks. It was …

1
EP203 Cloud Shared Responsibility: Beyond the Blame Game with Rich Mogull 37:13

10d ago37:13

37:13

Guest: Rich Mogull, SVP of Cloud Security at Firemon and CEO at Securosis Topics: Let’s talk about cloud security shared responsibility. How to separate the blame? Is there a good framework for apportioning blame? You've introduced the Cloud Shared Irresponsibilities Model, stating cloud providers will be considered partially responsible for breach…

1
EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering 37:09

17d ago37:09

37:09

Guest: Amine Besson, Tech Lead on Detection Engineering, Behemoth Cyberdefence Topics: What is your best advice on detection engineering to organizations who don’t want to engineer anything in security? What is the state of art when it comes to SOC ? Who is doing well? What on Earth is a fusion center? Why classic “tiered SOCs” fall flat when deali…

1
What is CADR? 29:04

21d ago29:04

29:04

In this episode, recorded at Kubecon NA in Salt Lake City, we spoke about about Kubernetes security with Shauli Rozen, co-founder and CEO of ARMO Security. From the challenges of runtime protection to the potential of CADR (Cloud Application Detection and Response), Shauli breaks down the gaps in traditional CSPM tools and how Kubernetes plays a ce…

1
61-Talking Cloud Podcast-No Guest-Just the "Gilligan" talking and showing Artificial Intelligence 50:24

20d ago50:24

50:24

I'm finally back with a new video format. Thanks for sticking with me. I've decided to run solo in this episode and show one of the most popular presentations I've delivered in the last few years. It's not just a bunch of slides; I show a number of very cool sites too! (links below) I hope you enjoy it! (Special thanks to Jason Prost for the initia…

1
EP201 Every CTO Should Be a CSTO (Or Else!) - Transformation Lessons from The Hoff 36:57

24d ago36:57

36:57

Guest: Chris Hoff, Chief Secure Technology Officer at Last Pass Topics: I learned that you have a really cool title that feels very “now” - Chief Secure Technology Officer? What’s the story here? Weirdly, I now feel that every CTO better be a CSTO or quit their job :-) After, ahem, not-so-recent events you had a chance to rebuild a lot of your stac…

1
EP200 Zero Touch Prod, Security Rings, and Foundational Services: How Google Does Workload Security 27:38

1M ago27:38

27:38

Guest: Michael Czapinski, Security & Reliability Enthusiast, Google Topics: “How Google protects its production services” paper covers how Google's infrastructure balances several crucial aspects, including security, reliability, development speed, and maintainability. How do you prioritize these competing demands in a real-world setting? What atta…

1
Building Platforms in Regulated Industries 36:32

1M ago36:32

36:32

At HashiConf 2024 in Boston, our host Ashish Rajan had a great chat over some cannolis and a game of Jenga with AJ Oller, AVP of Engineering at The Hartford about how automation, mainframes, and compliance intersect to drive innovation in regulated industries like insurance. They spoke about why regulations aren't barriers but frameworks to prevent…

1
EP02 Victor Manuel Alvarez - Motivation, Community, and the Future with YARA-X: Building the Future of Threat Detection 31:51

1M ago31:51

31:51

In this episode we’re sitting down with Victor Manuel Alvarez, the creator of YARA. YARA is one of the most powerful tools in cybersecurity. We discuss his early career, what motivated him to create YARA, and the role the community has played in its development. Plus, Victor shares his thoughts on the future of YARA and YARA-X, which is a ground-up…

1
EP199 Your Cloud IAM Top Pet Peeves (and How to Fix Them) 29:26

1M ago29:26

29:26

Guests: Michele Chubirka, Staff Cloud Security Advocate, Google Cloud Sita Lakshmi Sangameswaran, Senior Developer Relations Engineer, Google Cloud Topics: What is your reaction to “in the cloud you are one IAM mistake away from a breach”? Do you like it or do you hate it? Or do you "it depends" it? :-) Everyone's talking about how "identity is the…

1
The Adaptive CISO: Digital Defense Evolution with Timothy Youngblood 36:10

1M ago36:10

36:10

Securing the Digital Future with Former Fortune 500 CISO Tim Youngblood John Richards welcomes Timothy Youngblood, a four-time Fortune 500 CISO and current CISO in Residence at Astrix Security, to discuss the evolving landscape of cybersecurity leadership. With experience at Dell, Kimberly Clark, McDonald's, and T-Mobile, Tim brings unique insights…

1
Dynamic Permission Boundaries: A New Approach to Cloud Security 46:05

1M ago46:05

46:05

In this episode, Ashish spoke with Kushagra Sharma, Staff Cloud Security Engineer, to delve into the complexities of managing Identity Access Management (IAM) at scale. Drawing on his experiences from Booking.com and other high-scale environments, Kushagra shares insights into scaling IAM across thousands of AWS accounts, creating secure and develo…

1
EP198 GenAI Security: Unseen Attack Surfaces & AI Pentesting Lessons 27:22

2M ago27:22

27:22

Guests: Ante Gojsalic, Co-Founder & CTO at SplxAI Topics: What are some of the unique challenges in securing GenAI applications compared to traditional apps? What current attack surfaces are most concerning for GenAI apps, and how do you see these evolving in the future? Do you have your very own list of top 5 GenAI threats? Everybody seem to! What…

1
Building a Resilient Cloud Security Program after Merger and Acquisition 39:14

2M ago39:14

39:14

In this episode, host Ashish Rajan sits down with Prahathess Rengasamy, a cloud security expert with extensive experience at companies like Credit Karma, Block, and Apple. Together, they explore the challenges and best practices for scaling cloud security, especially in the complex scenarios of mergers and acquisitions. Starting with foundational e…

1
EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective 29:34

2M ago29:34

29:34

Guest: Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud Topics: There’s been a ton of discussion in the wake of the three SIEM week about the future of SIEM-like products. We saw a lot of takes on how this augurs the future of disassembled or decoupled SIEMs. Can you explain what these disassembled SIEMs are all…

1
Building Data Perimeter in Cloud in 2024 56:14

2M ago56:14

56:14

In this episode, Ashish gets into the critical topic of data perimeters in AWS with our guest, Tyler Warren, a Lead Cloud Security Engineer at USAA. As cloud environments continue to evolve, the importance of securing your data through trusted networks and identities has never been more crucial. Tyler shares his insights on the challenges and strat…

1
EP01 Nick Harbour - Early Days of Incident Response, Mandiant History and FLARE-ON 1:04:53

2M ago1:04:53

1:04:53

Nick Harbour discusses his career journey from his early days in the Air Force to his work at Mandiant. He shares insights into the evolution of malware, his contributions to the field of malware analysis, and the development of the Flare-On contest, a reverse engineering challenge.Oleh Josh Stroschein

1
EP196 AI+TI: What Happens When Two Intelligences Meet? 28:08

2M ago28:08

28:08

Guest: Vijay Ganti, Director of Product Management, Google Cloud Security Topics: What have been the biggest pain points for organizations trying to use threat intelligence (TI)? Why has it been so difficult to convert threat knowledge into effective security measures in the past? In the realm of AI, there's often hype (and people who assume “it’s …

1
Navigating NIST CSF 2.0: Guide to Frameworks and Governance 36:29

2M ago36:29

36:29

In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukasz, also a speaker coach at BlackHat USA, brings valuable insights into what it takes to shift from being technical to managing compliance, governance,…

1
EP195 Containers vs. VMs: The Security Showdown! 41:16

2M ago41:16

41:16

Cross-over hosts: Kaslin Fields, co-host at Kubernetes Podcast Abdel Sghiouar, co-host at Kubernetes Podcast Guest: Michele Chubirka, Cloud Security Advocate, Google Cloud Topics: How would you approach answering the question ”what is more secure, container or a virtual machine (VM)?” Could you elaborate on the real-world implications of this for s…

1
The role of data normalization in cloud security - Kabir Mathur, CEO at Leen 36:02

2M ago36:02

36:02

Lars and Kabir Mathur, CEO of Leen, discuss the concept of unified APIs for security data, emphasizing the need for normalization and integration of various security tools. Kabir explains how Leen differentiates itself by not only providing data connectors but also delivering data over an API, making it accessible for developers. They explore the c…

1
Building a SOC Team in 2024 - Automation & AI 56:25

2M ago56:25

56:25

What is the future of SOC? In this episode Ashish sat down with Allie Mellen, Principal Analyst at Forrester, to explore the current state of security operations and the evolving role of AI in cybersecurity. Allie spoke about why Cloud Detection Response (CDR) might be dead, how Generative AI is failing to live up to its hype in security use cases,…

1
EP194 Deep Dive into ADR - Application Detection and Response 30:55

2M ago30:55

30:55

Guest: Daniel Shechter, Co-Founder and CEO at Miggo Security Topics: Why do we need Application Detection and Response (ADR)? BTW, how do you define it? Isn’t ADR a subset of CDR (for cloud)? What is the key difference that sets ADR apart from traditional EDR and CDR tools? Why can’t I just send my application data - or eBPF traces - to my SIEM and…

1
Open Source AI Unleashed: Transparency, Sovereignty, and Data Control with JJ Asghar 46:21

3M ago46:21

46:21

Open Source AI: Transparency, Sovereignty, and Who Controls the Data In this episode of Cyber Sentries, host John Richards is joined by JJ Asghar, an Open Source Champion and Developer Advocate at IBM. They explore the importance of open source in the AI world, how transparency can allow for AI sovereignty, and why we should care about who controls…

1
Cloud Identity Lifecycle Management Explained! 33:03

3M ago33:03

33:03

In this episode Ashish Rajan sits down with Shashwat Sehgal, co-founder and CEO of P0 Security, to talk about the complexities of cloud identity lifecycle management. Shashwat spoke to us about why traditional identity solutions like SAML are no longer sufficient in today’s cloud environments. He discusses the need for organisations to adopt a more…

1
EP193 Inherited a Cloud? Now What? How Do I Secure It? 30:41

3M ago30:41

30:41

Guests: Taylor Lehmann, Director at Office of the CISO, Google Cloud Luis Urena, Cloud Security Architect, Google Cloud Topics There is a common scenario where security teams are brought in after a cloud environment is already established. From your experience, how does this late involvement typically impact the organization's security posture and …

1
Traditional PAM vs Cloud CPAM for a cloud first world 34:22

3M ago34:22

34:22

In this episode of the Cloud Security Podcast, Ashish sat down with Art Poghosyan, CEO and co-founder of Britive, to explore the changing world of identity and access management (IAM) in the cloud era. With over two decades of experience in the identity space, Art breaks down the challenges of traditional Privileged Access Management (PAM) and how …

1
The Role of Cloud Security Research in 2024 35:26

3M ago35:26

35:26

Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security r…

1
EP192 Confidential + AI: Can AI Keep a Secret? 33:04

3M ago33:04

33:04

Guest: Nelly Porter, Director of PM, Cloud Security at Google Cloud Topics: Share your story and how you ended here doing confidential AI at Google? What problem does confidential compute + AI solve and for what clients? What are some specific real-world applications or use cases where you see the combination of AI and confidential computing making…

1
EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it! 23:36

3M ago23:36

23:36

Guest: Dan Nutting, Manager - Cyber Defense, Google Cloud Topics: What is the Defender’s Advantage and why did Mandiant decide to put this out there? This is the second edition. What is different about DA-II? Why do so few defenders actually realize their Defender’s Advantage? The book talks about the importance of being "intelligence-led" in cyber…

1
Edge Security is the Key to Cloud Protection 26:41

3M ago26:41

26:41

How does Edge Security fit into the future of Cloud Protection ? In this episode, we sat down with Brian McHenry, Global Head of Cloud Security Engineering at Check Point at BlackHat USA, to chat about the evolving landscape of cloud security in 2024. With cloud adoption accelerating and automation reshaping how we manage security, Brian spoke to u…

1
EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures 30:00

3M ago30:00

30:00

Guest: Josh Liburdi, Staff Security Engineer, Brex Topics: What is this “security data fabric”? Can you explain the technology? Is there a market for this? Is this same as security data pipelines? Why is this really needed? Won’t your SIEM vendor do it? Who should adopt it? Or, as Tim says, what gets better once you deploy it? Is reducing cost a bi…

1
Proactive cloud security - Rotem Levi, Cloud Security Architect 31:32

3M ago31:32

31:32

In this conversation, Rotem Levi, a Cloud Security Architect, discusses the importance of proactive cloud security. He emphasizes the need for a balance between cost optimization and security, as well as the significance of good security practices in reducing cloud spend. Rotem also highlights the importance of having order in infrastructure and th…

1
Is your CI/CD Pipeline your Biggest Security Risk? 29:55

3M ago29:55

29:55

How CI/CD Tools can expose your Code to Security Risks? In this episode, we’re joined by Mike Ruth, Senior Staff Security Engineer at Rippling and returning guest, live from BlackHat 2024. Mike dives deep into his research on CI/CD pipeline security, focusing on popular tools like GitHub Actions, Terraform, and Buildkite. He reveals the hidden vuln…

1
Demystifying Zero Trust: Key Policy Checks for Cloud Native Security with Zack Butcher 32:32

4M ago32:32

32:32

Decoding Zero Trust Security for Cloud Native Environments In this episode of Cyber Sentries, John Richards welcomes Zack Butcher, Founding Engineer at Tetrate, to explore the critical components of zero trust security for cloud native and microservice environments. Zack, with deep expertise from his time at Google and work with NIST, shares practi…

1
EP189 How Google Does Security Programs at Scale: CISO Insights 30:23

4M ago30:23

30:23

Guest: Royal Hansen, CISO, Alphabet Topics: What were you thinking before you took that “Google CISO” job? Google's infrastructure is vast and complex, yet also modern. How does this influence the design and implementation of your security programs compared to other organizations? Are there any specific challenges or advantages that arise from oper…

1
State of Cloud Security - Practitioner Edition 56:12

4M ago56:12

56:12

In this episode of the Cloud Security Podcast, we bring together an incredible panel of experts to explore the evolving landscape of cloud security in 2024. Hosted by Ashish Rajan, the discussion dives deep into the challenges and realities of today’s multi-cloud environments. With perspectives ranging from seasoned veterans to emerging voices this…

1
Building ElectricEye, an open-source CSPM tool - Jonathan Rau, VP / Distinguished Engineer at Query 52:48

4M ago52:48

52:48

In this episode, Lars Kamp interviews Jonathan Rau, a distinguished engineer at Query, about Electric Eye, an open-source CSPM (cloud security posture management) tool.Oleh Fix

1
EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security 29:28

4M ago29:28

29:28

Guest: Dor Fledel, Founder and CEO of Spera Security, now Sr Director of Product Management at Okta Topics: We say “identity is the new perimeter,” but I think there’s a lof of nuance to it. Why and how does it matter specifically in cloud and SaaS security? How do you do IAM right in the cloud? Help us with the acronym soup - ITDR, CIEM also ISPM …

1
BlackHat USA 2024 Highlights and Recap 39:46

4M ago39:46

39:46

What were the main themes at BlackHat USA 2024? With respect to Cloud Security, maybe with a sprinkle of AI Security. Our team was on the ground at BlackHat and DefCon32 this year, we heard many talks and panels, spoke to many practitioner, leaders and CISOs and had the pleasure of recording some great interviews (coming soon!). This conversation i…

1
EP187 Conquering SOC Challenges: Leadership, Burnout, and the SIEM Evolution 29:41

4M ago29:41

29:41

Guest: Nicole Beckwith, Sr. Security Engineering Manager, Threat Operations @ Kroger Topics: What are the most important qualities of a successful SOC leader today? What is your approach to building and maintaining a high-functioning SOC team? How do you approach burnout in a SOC team? What are some of the biggest challenges facing SOC teams today?…

1
Building an Incident Response Team for High-Growth Companies 27:24

4M ago27:24

27:24

In this episode, we sit down with Santiago, a Senior Security Engineer at Canva, to talk about the complexities of building and managing an incident response team, especially in high-growth companies. Santiago shares his experience transitioning from penetration testing to incident response and highlights the unique challenges that come with protec…

1
EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim 27:18

4M ago27:18

27:18

Guests: A debate between Tim and Anton, no guests Debate positions: You must buy the majority of cloud security tools from a cloud provider, here is why. You must buy the majority of cloud security tools from a 3rd party security vendor, here is why. Resources: EP74 Who Will Solve Cloud Security: A View from Google Investment Side EP22 Securing Mul…

Podcast Layak Disimak

Cloud Security Podcast

Podcast Layak Disimak

Panduan Referensi Cepat