Cloud Security Podcast
By Cloud Security Podcast Team
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
Cloud Security PodcastNov 21, 2021
The role of Real Time Defense in Cloud Security
In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig about Open Source Project, Falco that celebrated its graduation this year at KubeconEU, Loris shared with us this proud moment and journey from writing the 1st lines of code to its critical role in protecting Kubernetes environments, and the future roadmap post-graduation. We spoke about the gap between traditional security measures and the dynamic needs of modern infrastructures.
Guest Socials: Loris's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
00:00 Introduction
01:13 A bit about Loris
01:44 What does graduation mean for Falco?
02:58 What is Falco?
04:59 eBPF and Falco
06:01 Why eBPF is secure?
07:11 Runtime Security in Kubernetes
10:32 ROI for leaders for Runtime Security Tools
12:50 Preventative Security vs Runtime Security
14:08 Runtime Security in Modern Environments
16:42 Whats the Future for Falco?
18:31 The Fun Questions
CISO's guide to embracing risk in business
What is it like to build a successful business based on risk? In this episode Ashish spoke to Fredrick Lee, CISO at Reddit. FLee shared his deep insights into the essential role of risk in driving business success and innovation. With a career that spans across notable tech giants like Square (now Block), Twilio, and Gusto, Lee brings a wealth of experience in both hardware and software security landscapes. Without embracing risk, businesses risk stagnation in a world where competitors are always ready to innovate. From discussing the cost-effective strategies in cybersecurity to exploring the formation and goals of Reddit's S.P.A.C.E team (Security, Privacy, Automation, Compliance, and Engineering), this episode gets into the challenges and opportunities presented by the modern tech environment
Guest Socials: Fredrick Lee's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(04:42) A bit about Fredrick Lee
(07:42) How cloud changed cybersecurity?
(11:37) Threat Landscape in Software vs Hardware
(15:12) Threat Landscape in B2B vs B2C
(17:27) Navigating the First Steps as a New Company's CISO
(20:26) The role of compliance in Cybersecurity
(24:12) The role of privacy in Cybersecurity
(26:11) The role of AI in cybersecurity
(30:36) A bit about AI Cybersecurity Podcast
(31:09) What it means to be a CISO?
(34:34) Building CISO Roadmaps: Balancing Short-Term and Long-Term Goals
(36:49) Where to start with CISO Roadmap?
(39:02) What keeps Fredrick motivated about his CISO role?
(40:36) Whats next for current CISOs?
(42:50) The Fun Questions
Why Email Breaches Still Happen?
Lets talk about the Evolution of Email Security. We have been speaking about Email Security for years but why has it not been solved? We spoke to Abhishek Agrawal, Co-founder of Material Security about the fact that despite of decades of advancements, email security remains a critical concern, with sophisticated attacks continually bypassing traditional controls. We explored the fascinating landscape of productivity suites like Microsoft 365 and Google Workspace, underscoring their importance beyond just communication tools. What are the critical aspects of threat management, posture management, and the necessity of a focused approach towards securing this often-overlooked segment of our digital infrastructure management.
Guest Socials: Abhishek's Linkedin Abhishek's Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions
(00:00) Introduction
(03:57) A bit about Abhishek
(04:49) What is a Productivity Suite?
(05:48) Why Email Security is still a focus in 2024?
(11:43) Where to start with Productivity Suite Security?
(15:03) The role of Cloud Native Tools in Productivity Suite Security
(19:38) Where can security leaders start with Productivity Suite Security
(24:39) Where can people learn more about Productivity Suite Security
(26:44) Fun Questions
Essential Strategies to master Incident Response in Cloud
How do you build a Robust Detection Framework? Ashish spoke to Andrew Tabona, SVP of Cyber Threat Management and Incident Response at a Fortune 500 company about challenging the conventional wisdom of applying on-premise incident response plans to cloud environments. They speak about the critical metrics of mean time to detect, respond, and recover, and why mastering the fundamentals is key to effective cloud security.
The conversation also covers practical strategies for building a detection framework, the importance of a balanced approach to log ingestion, and the nuanced differences in incident response between cloud and traditional on-premise environments.
Guest Socials: Andrew Tabona
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:20) A bit about Andrew Tabona
(04:26) What is Threat Detection and Response?
(06:14) Why incident response is different in Cloud?
(09:18) Benefits of doing Incident Response in Cloud?
(10:29) Is CSPM your incident response tool?
(12:33) Where to start with Detection in Cloud?
(16:35) Getting buy in from other teams for threat detection
(20:15) Should you build or buy a cybersecurity solution?
(22:34) Responding to incidents in a Cloud Context
(26:01) Containing incidents in a Cloud Context
(28:34) What kind of access do IR teams need?
(30:36) Balancing the signal to noise ratio
(32:10) Where to start with Threat Detection and Response
(34:37) Challenges an organisation might face
(35:58) Threat Detection and Response in MultiCloud
(37:52) Showing ROI of Cybersecurity to the business
(38:57) Where to learn about IR and Threat Detection?
(41:09) Fun Section
(44:14) Where you can connect with Andrew
From Code Suggestions to Security
What is GitHub Copilot? Its a AI-powered coding assistant that's redefining how developers write code. We spoke to Joseph Katsioloudes, a security specialist from the GitHub Security Lab. We spoke about how GitHub Copilot has been designed to serve not just developers but security professionals and others involved with code, enhancing productivity, satisfaction, and security across the board.
Guest Socials: Joseph Katsioloudes
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) A bit about Joseph
(01:07) What is GitHub Copilot?
(02:42) Use case for GitHubCopilot from a security perspective
(04:16) Cloud Development Kits (CDKs) for GitHub Copilot
(05:48) Business Motivation for GitHub Copilot adoption
(07:41) Should we trust AI generated code ?
(08:31) Using GitHub Copilot
(12:00) Data Privacy with Github Copilot
(13:28) GitHub Copilot for Regulated Industries
(14:51) What is GitHub Copilot X?
(16:02) What is GitHub Workspace?
(18:20) The Fun Section
Cloud Security Operations for Modern Threats
How is your Cloud Incident Preparedness? Is your CSPM enough? Ashish spoke to Ariel Parnes, Co-Founder and COO at Mitiga about the concept of "Assume Breach" and its importance in developing a proactive cloud security framework. If you are looking to understand the nuances of of cloud incident response and being prepared for them, the effectiveness of current tools, and the future of cloud security operations strategy, then this episode is for you.
Guest Socials: Ariel Parnes
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:46) A bit about Ariel Parnes
(04:02) Cybersecurity in the world of Cloud
(06:07) What is Cloud Incident Preparedness?
(08:40) Reality of Cloud Incident Preparedness
(11:16) Does a CSPM help with Incident Preparedness?
(13:54) Should logs be sent to SIEM?
(15:59) Whats a good starting point for Incident Preparedness?
(18:31) Gaining deep visibility in your cloud environment
(19:50) Do you need a Security Data Lake?
(25:56) Demonstrating ROI for Security Operations
(28:28) Importance of Human Factor in Security Operations
(30:51) Low Hanging fruits to strengthen cloud operations
(32:31) The Fun Questions
Understanding Threat Modeling in Cloud
Do you need an essential guide for Threat Modeling your Cloud Environment, then this episode is definitely for you. Ashish sat down with Tyson Garrett from TrustOnCloud. We explore why and how organizations should approach threat modeling in cloud to enhance their security posture. Tyson and Ashish go through the practical steps required for effective threat modeling, including identifying and prioritizing threats, and the continuous adaptation required to address the dynamic nature of cloud services.
Guest Socials: Tyson Garrett
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:50) A bit about Tyson Garrett
(04:27) What is Threat Modeling in Cloud?
(06:29) Threat Modeling the right way in the Cloud
(08:23) Threat Modeling in Cloud vs On Prem
(11:05) Examples of Threat Modeling
(13:41) Threat Modeling AI Services from Cloud Providers
(21:58) Including Threat Modeling in Security Programs
(25:09) Threat Modeling Cloud at Scale
(28:08) Different Approaches for Threat Modeling
(30:21) Challenges with Threat Modeling in Cloud
(33:42) Best Practices for Threat Modeling in Cloud
(39:59) Showing ROI on Threat Modeling
(42:57) Maturity Levels of Threat Modeling
(45:21) Starting point for learning about Threat Models
(46:12) The Fun Questions
(48:41) Where can you connect with Tyson
Resources spoken about during the episode
Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis
What is the role of AI in Legal Research and Data Security? We spoke to Matt McKeever, CISO and Head of Cloud Engineering at LexisNexis, a company that uses GenAI and Custom LLM models to help its customers with legal research, guidance and drafting. Matt spoke to us about intersection of cloud engineering, cybersecurity and the revolutionary impact of Generative AI (GenAI) in the legal sector. He shared how LexisNexis leverages GenAI to enhance legal research, draft legal documents and summarize cases efficiently. We learn about the importance of data security in AI applications, especially in the legal industry and the role of custom Large Language Models (LLMs) in securing and processing legal data.
Guest Socials: Matt McKeever
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp Questions asked: (00:00) Introduction (00:26) LexisNexis use case for GenAI (02:37) Amazon's Generative AI services (03:24) Cybersecurity Threats when using GenAI (05:14) Where to get started with Security in GenAI? (06:53) Balancing Security and Innovation (08:20) Business reason for GenAI (09:13) Lessons from working with GenAI (11:14) Having Custom Large Language Model (13:42) Impact of AI on Cloud Security Roles (14:50) Get Started with Custom Large Language Model (15:48) Fun Questions (17:49) Where to connect with Matt McKeever?
Sidecar Container Vulnerability in Kubernetes explained
Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing significant threats beyond the commonly discussed crypto mining attacks. Magno spoke about common attack paths targeting Kubernetes clusters, from exploiting application vulnerabilities to leveraging exposed Kubernetes services and compromised valid accounts.
Guest Socials: Magno Logan
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:26) A bit about Magno Logan
(01:49) Kubernetes Common Threats Explained
(02:23) Kubernetes Cluster Attack Entry Points
(04:28) How attackers maintain persistent access in Kubernetes?
(05:30) Container Escape Explained
(07:03) Maintaining Persistence in Kubernetes Clusters
(08:18) What are Sidecars?
(10:43) How to secure your sidecars?
(12:33) Where can people learn more about this
(13:57) The Fun Section
Resources spoken about on the podcast
Role of application security posture management in cybersecurity
Navigating modern application security in a world of Cloud, DevSecOps and now AI is getting rather complex. We spoke to Idan Plotnik, who has 24 years of cybersecurity experience under his belt and is the Co-Founder of Apiiro about world of Application Security Posture Management (ASPM) and their relevance in both large and small organizations. Idan speaks about the challenges faced in managing vast quantities of repositories and tackles common misconceptions about ASPM, confirming that it's not intended to replace existing security pipelines.
Guest Socials: Idan Plotnik
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked: (00:00) Introduction (04:58) A bit about Idan Plotnik (05:56) Application Security tools explained (08:09) Why Application Security Orchestration Correlation (ASOC) didn't work? (09:14) Difference between Cloud Security and Application Security Tools (14:51) Why is there a growing need for Application Security Tools today? (19:07) Do Small to Medium size businesses need Application Security Tools? (21:46) Managing Cybersecurity Tools (26:08) API Security for Applications (30:29) Dealing with Regulatory Requirements in Cybersecurity (34:16) Evolving Goals in Application Security (35:49) Deciphering MTTR in Cybersecurity (37:54) The Fun Questions (39:37) Where you can connect with Idan?
Cybersecurity Best Practices and Password Security in Cloud and AI
We caught up with Troy Hunt and Scott Helme at NDC Security Oslo 2024 to talk about best practices when it come to decoding TLS, password security and data breaches in cloud and AI.
Troy Hunt, known for his work with haveibeenpwned.com, spoke to us about the complexities of cloud deployment and paradox of data input versus privacy risk in Large Language Models (LLMs), Cloud. Scott Helme, a security researcher and founder of securityheaders.com, spoke about the importance of early security training in the development lifecycle for applications built in 2024. We dissected the critical yet often overlooked aspects of cybersecurity in cloud and ai.
Guest Socials: Troy Hunt + Scott Helme
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:37) Evolving Landscape of Password Management
(04:17) Analyzing Data Breach Trends:
(05:48) Latest Security Protocols with TLS and Encryption
(08:24) Debating Encryption Key Management
(10:59) AI's Role in Data Breaches:
(13:59) Best Practices for Enterprise Password Management
(16:01) Best Practices for Password Management in Small to Medium Sized Businesses
(18:04) Top 5 security best practices
(19:58) Understanding Security Headers
(27:14) The Fun Section
Multicloud strategy for AWS and GCP
What is a good multicloud strategy in 2024? We spoke to Vivek Menon, CISO for Digital Turbine about the maturity and security capabilities of major cloud service providers, AWS and GCP.
Vivek spoke about the journey from on-premise to multi-cloud landscapes, the strategic approaches to cloud security in 2024, and the unique challenges that teams face across different cloud platforms. Vivek shared his insights into IAM, misconfigurations, and the value of dedicated cloud-specific teams provide a roadmap for organizations aiming to enhance their cloud security posture.
Guest Socials: Vivek's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:58) A bit about Vivek Menon
(02:53) Transitioning from On-Premise to Multi-Cloud
(05:35) What is mobile ad tech?
(06:44) Why AWS and GCP?
(08:09) Challenges in Multi-Cloud Environments - The people piece
(09:37) Challenges in Multi-Cloud Environments - The process piece
(10:42) Managing identities in a MultiCloud Environment
(12:52) Managing Misconfigurations in a MultiCloud Environment
(13:58) Multi-Cloud Security- Build In-House or Buy Tools
(17:44) Starting Point for MultiCloud Policy
(18:54) AWS vs. Google Cloud: Comparing Cloud Security Maturity
(20:28) What makes security in Google Cloud stand out
(21:18) CISO Guide: Initiating a Cloud Security Strategy in 2024
(25:01) The Fun Section
(27:03) Where can you connect with Vivek
AI's Role in Security Efficiency - Kubernetes Edition
Dive into the world of AI and Kubernetes with Shopify's Shane Lawrence in this episode of the Cloud Security Podcast. Shane, shares his experience in the security team at Shopify and working on the intersection of AI, Large Language Models (LLMs), and Kubernetes security. Shopify is looking to pioneer the use of AI to streamline developer operations, enhance productivity, and bolster security measures in multi-tenant Kubernetes environments.
This episode will be valuable for you if you work in Kubernetes, Security and looking for how AI can build efficiency in your team.
Guest Socials: Shane's Linkedin (Shane's Linkedin)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction to AI and Kubernetes
(01:32) Shane Lawrence and Shopify's AI Journey
(02:21) AI and Developer Efficiency in Kubernetes
(04:39) AI-Driven Automation for Security
(06:34) Challenges of AI in Kubernetes Environment
(11:22) Case Studies for AI in Kubernetes
(13:43) The Future of Kubernetes and AI
(15:59) Learning and Experimenting with AI in Kubernetes
(17:49) Closing Thoughts and Fun Q&A
Build an Effective AWS Cloud Security Program in 2024
How can you build a robust cloud security program in AWS, particularly as a startup and small to medium-sized businesses navigating AWS in 2024? We spoke to Chris Farris, who is the event chair for fwd:cloudsec, a known cloud security expert and one of the first AWS Heroes for security.
Chris shared his insights on how to build a security strategy that is both practical and effective in today's dynamic cloud environment. From discussing the importance of AWS organizations and Identity Centre to breaking down the complexities of cloud security posture management. You will hear actionable advice and best practices.
Guest Socials: Chris's Linkedin (@chrisfarris)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked:
(00:00) Introduction
(02:59) A bit about Chris Farris
(03:30) fwd:cloudsec Conference
(04:19) AWS Hero program for Cloud Security
(05:23) Building Effective Cloud Security Programs
(11:39) Top Recommendations for AWS Cloud Security
(13:34) What is AWS IAM Identity Center?
(18:02) How to Set Up AWS IAM Identity Center?
(20:13) Cloud Security in different industries
(29:31) The role of a Cloud Security Engineer
(34:30) Cloud Security Breaches
(38:02) Educational Resources in Cloud Security
(42:41) The Fun Section
Resources spoken about in this episode: fwd:cloudsec AWS IAM Identity Center Leveraging AWS SSO (aka Identity Center) with Google Workspaces breaches.cloud
Offensive Cloud Security Program for 2024
Is Offensive Security part of your 2024 Security Roadmap? We caught up with Sam Kirkman, Director at NetSPI EMEA at BlackHat Europe 2023 about what an Offensive Security Roadmap going into 2024 should look like. Offensive security is much more than pentesting. We spoke about how to build a capable team, different maturity stages of building such a program and resources you can lean on while you are on this journey across different industries.
Guest Socials: Sam's Linkedin (@sam-kirkman-cybersecurity)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:53)A bit about Sam Kirkman
(03:53) What is offensive security?
(04:52) The attack landscape
(07:34) Offensive Security Roadmap
(09:43) Components of Offensive Security Roadmap
(11:04) Whats a good starting point?
(12:55) Skillsets required in the team
(16:57) Different stages of maturity
(19:09) Where can people learn more about this?
(22:03) Where you can connect with Sam
Understand Your Cloud Security Landscape to cut through the noise!
Cloud Security environments looks very complex in 2023, and it will continue to evolve in 2024 now with AI. At AWS re:Invent 2023 this year, we sat down with Alex Jauch, Senior Director of Product Management at Outshift to talk about the complexities in Cloud Security, the role of GenAI and what can be items to consider for your 2024 Cloud Security Program.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked: (00:00) Introduction (01:34) A bit about Alex (02:02) Current Cloud Security Landscape (04:43) The cloud security acronyms (08:44) Dealing with complex infrastructure (12:31) Impact of GenAI on Security (15:26) Do you have GenAi in Production? (16:55) We are all one team! (19:04) 2024 Security Program (20:39) Whats not being spoken about? (22:11) The fun section (26:00) Where you can connect with Alex!
Kubernetes Security Trends 2024 | Software Supply Chain Security, Zero Trust and AI
Kubernetes is shaping the future of cloud native technology with interest from security folks, businesses and developers - what does the future of Kubernetes Security look like? At Kubecon NA 2023, we spoke to Emily Fox who is the chair of CNCF's Technical Oversight Committee and Software Engineering Lead at RedHat about how Zero Trust plays out in the Kubernetes environment, challenges and solutions in securing the software supply chain within Kubernetes, the impact of AI workloads on Kubernetes and future of Edge Computing and Kubernetes.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions Asked:
(00:00) Introduction
(02:23) A bit about Emily
(02:51) What is Supply Chain Security?
(03:51) What triggered this conversation?
(05:10) Supply Chain Security in Managed Kubernetes
(06:07) What is Zero Trust?
(07:24) Implementing Zero Trust
(09:29) The role of Security and Compliance
(11:13) Compliance as code in Kubernetes
(13:22) What is Edge?
(17:41) The impact of AI on Security
(20:39) Detection for AI and Kubernetes
(22:29) How are the skillsets changing?
(25:00) Security for Open Source Projects
(28:01) The fun section
Kubernetes Network Security for Multi Tenancy
Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant setups, tools and tactics for securing Kubernetes environments, insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
Thank you to our episode sponsor Vanta - You can check them out at vanta.com/cloud
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction (02:25) A bit about Cailyn (03:08) How is Kubernetes Networking different? (04:20) Foundational pieces of Kubernetes Networking (06:21) Whats missing in Kubernetes Networking? (07:47) What is Multi Tenancy? (10:20) What are some of the common threat models? (13:16) How are people responding to threats? (14:41) Where to start learning about this? (16:26) Best practices for Kubernetes Networking (18:16) What becomes more important with maturity? (21:14) Resources to learn more about Kubernetes Security (22:30) The Fun Section
Resources shared during the episode:
Kubernetes Security Checklist - https://kubernetes.io/docs/concepts/security/security-checklist/
Pentesting your own cluster with Liz Rice - https://www.youtube.com/watch?v=fVqCAUJiIn0
AWS reInvent 2023 - Security highlights and announcements
Cloud Security Podcast just got back from AWS re:invent 2023, there was a lot of chat around, you guessed it - GenAI but along with that there were plenty of security updates and announcement. Shilpi and Ashish broke them all down for you and what it all actually means for all security practitioners.
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(04:49) GenAI at AWS re:Invent
(06:01) No new security service announced
(06:48) Updates from CEO and CTO Keynotes
(11:29) What is Amazon Inspector?
(12:10) Amazon Inspector Security Updates
(15:09) What is AWS Security Hub?
(15:52) AWS Security Hub Security Updates
(18:52) What is Amazon GuardDuty?
(20:10) Amazon GuardDuty Security Updates
(22:49) What is Amazon Detective?
(23:45) Amazon Detective Security Updates
(26:22) What is IAM Access Analyser?
(28:06) IAM Access Analyser Security Updates
(30:33) What is AWS Config?
(31:25) AWS Config Security Updates
(32:35) Other Security Updates
(33:46) 3 Layers of AI
(35:21) What is Amazon CodeWhisperer?
(36:36) Amazon Application Composer
(37:34) Guardrails for Bedrock
(38:13) Amazon Q
(41:17) Zero Trust
(41:45) Ransomware
(44:29) Security Talks
(45:54) Input filtering and validation for WAF
(50:31) Enterprise IAM and data perimeter
(53:00) Conclusion and find out more!
You can check out the Top announcements of AWS re:Invent 2023 + AWS re:Invent 2023 - Security Compliance & Identity
eBPF - Kubernetes Network Security without the Blind Sides!
eBPF is recent graduate in the CNCF family and this means that the world of Cloud and Kubernetes, networking looks very different with more security capabilities. Cilium the project from Isovalent has been gaining traction for network security for kubernetes as blindsides have been called out in the managed kubernetes deployments. This episode was recorded at KubeCon NA with Thomas Graf from Isovalent to share what the blindsides are and why eBPF provides better network security capability for kubernetes deployments of any scale.
Guest Socials: Thomas's Linkedin (@ThomasGraf)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:42) A bit about Thomas
(04:11) Traditional Networking in Kubernetes
(06:52) What is Cilium?
(07:52) What is eBPF?
(08:46) What do people use Cilium for?
(11:31) Starting with network security in Kubernetes
(13:02) Complexities with Scale
(16:02) How do projects graduate?
(17:02) The eBPF documentary
(17:27) Opensource to Company
(18:52) Practitioner to Founder
(19:57) Building an open source project
(21:13) The Fun Questions!
You can check out the The eBPF Documentary here
Attack Path Analysis for Better Kubernetes Security
Kubernetes security cannot just be Kubernetes but it is like security of a datacenter within another datacenter. In this episode with Tim Miller we spoke about CNAPP, how to approach kubernetes security.
Thank you to our episode sponsor Outshift by Cisco
Guest Socials: Tim's Linkedin (@timothyemiller)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:42) A bit about Tim Miller
(03:35) What is CNAPP?
(04:30) Traditional Kubernetes Security
(05:18) Where to put a CNAPP?
(06:20) CSPM vs CNAPP
(09:00) Attack Path Analysis
(11:05) Kubernetes Attack Path
(12:43) The team you need
(14:06) Resources to learn more
(16:24) Fun Question
Secure your SaaS applications like this!
SaaS Applications support large companies, small startups. We inevitably accumulate SAAS applications to manage our employees, payroll, communication with things like Workday, Slack, Salesforce and now even things like ChatGPT. But how do you find out what you have and if they are secure. We spoke about all things SSPM with Max Feldman who has done Product Security for years at companies like Slack, Salesforce and now AppOmni.
Thank you to our episode sponsor AppOmni
You can get a copy of their SaaS Security Posture Management Report 2023 here
Guest Socials: Max's Linkedin (@maxfeldman14)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(04:20) A bit about Max
(04:48) What is a SaaS application?
(05:45) What is SSPM?
(09:33) When to consider a SSPM?
(15:45) SaaS and the Cloud
(16:39) SaaS Attack Surface
(19:34) CASB vs SSPM
(24:00) Is ChatGPT a SaaS application?
(25:07) SSPM vs CSPM + CNAPP
(27:33) SSO and Onboarding
(29:21) Starting a SaaS Security Program
(36:48) Challenges with SaaS Security Program
(41:50) Where you can find Max!
Threat Detection for not so Common Cloud Services
Threat detection is often limited to popular cloud services, so whats happening to all the "not so popular or commonly known" cloud services in your environment? We are speaking to Suresh Vasudevan, CEO of Sysdig about challenges typically companies find with this space and what should be the approach for threat detection. If you feel you are looking at threats from all cloud services you might want to hear this episode to know you actually are.
Thank you to our episode sponsor Vanta and Sysdig
You can find out more about Sysdig here!
Find out more about Vanta here!
Guest Socials: Suresh's Linkedin (@suvasudevan)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(03:41) A bit about Suresh
(05:14) How was threat detection done traditionally?
(07:33) How does threat detection translate to cloud?
(08:47) Uncommon services attack vector examples
(11:00) Uncommon services explained
(11:31) Problems with threat detection in cloud
(16:53) How to approach prioritisation?
(19:48) Bridging Cloud and Applications
Resources discussed during the episode!
How to Escape Clusters in a Managed Kubernetes Cluster?
Not Escaping Containers but escaping Clusters - Managed Kubernetes distributions such as Amazon EKS, Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS) attack vectors can allow you to reach the underlying AWS Account etc. In conversation with Christophe Tafani-Dereeper & Nick Frichette, from Datadog on how this is possible in Amazon EKS and achieving potentially the same in GKE & AKS too.
Thank you to our episode sponsor Sagetap
Guest Socials: Nick's and Christophe's Linkedin (Nick Frichette + Christophe Tafani-Dereeper)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp Questions asked: (00:00) Introduction
(04:11) A bit about Christophe
(04:37) A bit about Nick
(05:03) What is managed Kubernetes?
(06:26) Security of managed Kubernetes
(09:02) Comparison between different managed Kubernetes
(10:41) Service accounts and managed Kubernetes
(14:22) What is container escape?
(18:20) IMDSv2 for EKS
(19:51) IMDSv2 in EKS vs AKES and GKE
(22:01) Benchmark compliance for Kubernetes architecture
(24:49) Low hanging fruits for container escape
(27:17) Shared responsibility for managed Kubernetes
(29:34) Fargate for Managed Kubernetes
(32:00) Different ways to run containers
(33:37) Escaping Managed Kubernetes cluster
(38:39) Find more about this attack path
(42:38) Escalation priviledge in EKS cluster
(44:19) Reducing the Kubernetes attack service
(44:58) MKAT for Kubernetes Security
(48:23) Preventing AWS AuthConfig
(50:11) Propagation Security
(54:55) The fun section
(57:47) Resources for latest Kubernetes updates
Resources spoken about during the episode
Nick Frichette's Blog - Hacking the Cloud
Christophe Tafani-Dereeper' Blog
Have I lost my Secrets?
You know that feeling when you are unsure if you AWS secret that leaked is still available for use. There is no easy way to check this apart from looking in AWS to see if anyone used it. Turns out there could be another way.We have Ziad Ghalleb from GitGuardian to share free tool they released to help people look up if their secret was exposed on Github
Thank you to our episode sponsors GitGuardian and Sysdig
Guest Socials: Ziad's Linkedin (@ghallebziad)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp Questions asked: (00:00) Introduction
(04:53) A bit about Ziad
(05:47) What are secrets?
(07:37) Has my secret leaked
(08:46) How would users know?
(10:31) Whats the risk?
(15:43) What do orgs do for secrets?
(18:01) Keeping tab on your secrets
(20:33) Secrets management maturity
(22:43) Scaling Secrets management program
(25:20) Where to learn more ?
Resources spoken about during the episode
How to become a Senior Cloud Security Engineer?
Nick McLaren is a Senior Cloud Security Engineer at an Enterprise and he transitioned to this role from a Cloud Security Engineer at a Startup. On this episode he shared with us, how the roles differ between an enterprise and startup, what skills you require to become a senior cloud security engineer and what a day look like in a life of cloud security engineer. Thank you to our sponsors for the this episode Vanta - You can check them out at vanta.com/cloud Snyk - Check them out at Snyk.io/csp
Guest Socials: Nick's Linkedin (Nick McLaren)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(02:15) A message from our sponsor
(03:07) A bit about Nick
(04:30) Startup vs Enterprise
(09:12) Senior cloud security engineer
(11:34) Communicating with the business
(13:18) Agile Methodology
(17:03) A day in the life of cloud security engineer
(19:33) Knowing multi-cloud
(20:43) Learning Azure from AWS
(21:50) Dealing with Third parties
(24:36) you dont need to know everything
(25:51) Getting into Cloud Security
(27:55) Knowing coding and terraform
(29:37) The Fun Questions
5 Skills to Level Up Your Cloud Hacking
BlackHat 2023 and Defcon 31 Roundup were the breeding ground for new and existing hackers to come together and share what to look out for in 2023 and 2024. The skills that stood out were - Identity - Cloud Infrastructure Security - CI/CD Security - Preventative Security - Data Security Do you agree?
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Video
(00:00) Introduction
(00:57) Identity
(03:54) Data Security
(06:33) Cloud Infrastructure Pentesting
(08:38) Preventative Cloud Security
(10:57) CI/CD Security
Become a Cloud Native CISO in 2023
Michael Piacente has been helping companies find Security Executives (CISO) for a long time for some household name companies like Lyft, Instacart, Airbnb and more . In episode we speak about his current passion for Cloud Native CISOs what they are and what kind of skills should they work on to become CISO in the Cloud native world most organizations are moving ahead with in full force.
Thank you to Sagetap for sponsoring this episode, you can find out more about them on - https://www.sagetap.io/
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Michael's Linkedin (Michael Piacente)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(03:57) A bit about Michael Piacente
(07:20) Why the focus on Cloud Native CISOs?
(09:52) What is a Cloud Native CISO?
(12:47) Different type of leadership roles in Security
(18:30) How are CISOs compensated?
(21:27) How CISOs can protect themselves?
(25:31) Have the roles & responsibilities changed?
(27:33) Importance of personal branding
(34:48) Trajectory after becoming a CISO
Software Supply Chain Controls for Terraform
Understanding Software Supply Chain security threats for Terraform which has been the default for Infrastructure as Code is important. in this episode Mike Ruth is sharing his experience of working on securing Terraform Cloud/Terraform Enterprise - no open source was harmed in the making of this episode.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Mike's Linkedin (Mike Ruth)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(03:27) A bit about Mike Ruth
(04:01) What is Terraform?
(05:38) Terraform in the context of supply chain
(07:24) Flavors of Terraform
(09:07) Deploying Terraform
(12:25) Terraform Architecture
(14:48) Research findings that Mike and Oca made
(25:52) Securing Terraform Architecture
(28:13) Policy Enforcement
(29:13) What is a Module?
(30:15) Security best practices for Terraform Deployment
(31:53) Learning about Terraform security
(34:44) Maturity for Terraform
(37:45) The Fun Questions
Mike spoke about Terraform Cloud Security Model during the interview.
See you at the next episode!
Data Security RoadMap in 2023
DSPM or Data Security Posture Management with Yotam Segev from Cyera: Most security teams have known about data challenges in their organization and some of them are put in the too hard to solve right now bucket. Yotam came on the show to talk about who should own and manage data security programs and what can a data security roadmap look like for leaders who are working on the data problem today.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Yotam's Linkedin (Yotam Segev)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(04:32) Why is data security getting attention?
(05:46) How was data security done before?
(06:43) Cloud native way of managing data
(07:31) What triggers a data security project?
(08:35) At what stage should you start data security?
(10:06) Challenges with starting data security projects
(13:02) What does success look like?
(15:02) Does the CISO own data security?
(16:03) The right skill set for data security
See you at the next episode!
The Cloud to Code Dilemma - Let's Talk
Is it code to cloud or cloud to code with Harshil Parikh from Tromzo: A lot of leaders today face the inevitable question of should i start with the code or the cloud first. Harshil Parikh from Tromzo was kind enough to share his CISO experience on the topic on what each of these are and what can CISOs priortise in their programs.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Harshil's Linkedin (Harshil Parikh)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(02:51) Harshil's path into cybersecurity
(04:30) What is code to cloud?
(05:19) What is cloud to code?
(06:29) How was cybersecurity done traditionally?
(08:28) What should CISOs prioritise?
(09:43) How different sectors are impacted?
(10:56) Where should CISOs start?
(12:30) Application vs Cloud vs Product Security
(14:44) Is application security becoming cloud security?
(16:43) What does maturity look like?
(20:18) The fun questions
See you at the next episode!
CISO Perspective: Josh Lemos, CISO of Gitlab
Josh Lemos former CISO of Block and the current CISO of GitLab comes from a pentester background and made his way to become a CISO. We were lucky enough to interview him during the hacker summer camp on his journey, his experience in AI, takeaway from BH CISO summit and types of CISOs & more. Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Josh's Linkedin (Josh Lemos)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(01:47) A bit about Josh Lemos
(03:48) What does cloud security mean to Josh?
(04:53) What to look out for with AI/ML?
(07:03) CISO perspective on AI/ML
(08:13) What should a CISO roadmap look like in 2023?
(10:39) Takeaways from BlackHat CISO Summit
(12:24) CISO for B2B vs B2C
(13:43) Hardware vs Software Security
(14:41) Skills needed to become a CISO
(15:48) What is cloud pentesting?
(17:20) Fun Questions
See you at the next episode!
The Azure Cloud Security Pentesting Skills You NEED!
Karl Fosaaen, the author of Penetration Testing "Azure for Ethical Hacker" and the VP of Research at NetSPI, came as a guest to share why the penetration Test of a Web Application hosted on Azure Cloud in 2023 is quite different to just a simple/traditional web app pentesting and the skills you need to pentest Azure environments. Cloud Penetration testing is misunderstood to be just config review in Microsoft Azure Cloud just like in AWS and Google Cloud. In this video, we have Karl Fosaaen was kind enough to answer the following questions and methods.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Karl's Linkedin (Karl Fosaaen)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(02:32) A bit about Karl Fosaaen
(03:26) How is pentesting in Azure different from AWS?
(04:35) Cloud pentesting is not just config review
(05:42) Cloud pentesting vs Network pentesting
(06:25) Cloud Pentest - Next evolution of Network Pentest?
(07:14) Boundaries of cloud pentesting
(09:07) Do you need prior approval for Azure Pentest?
(09:32) Working with Microsoft Security Research Centre
(10:35) Process of pentesting in Azure
(11:57) Low hanging fruits to start off with!
(13:37) How to persist and escalate?
(14:58) Managed Identities in Azure
(16:23) Impact of peripheral services to Azure
(18:33) Scale of deployments in Azure
(21:02) Getting access to permissions for Azure Entra
(22:36) Scaling your pentest tools
(23:34) TTPs or Matrix you can use
(25:30) Getting into Azure Pentesting
(26:56) Transitioning from network to azure pentesting
(28:37) Connect with Karl
Resources:
The NetSPI Blog to learn more about offensive cloud security
See you at the next episode!
How to detect software supply chain attacks with Honeytokens?
Can Honeytokens be used in your supply chain security? Turns out we can! We spoke to Mackenzie Jackson ( @advocatemack ) from @GitGuardian about the benefits of using Honeytokens, which organisations can benefit from them and whats involved in deploying them and next steps once they are triggered.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Mackenzie Jackson ( @advocatemack )
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction (02:01) A bit about Mackenzie Jackson (02:37) What are Honeytokens? (03:35) Traditional threat detection (05:29) Honeytoken in action (07:02) Deployments for Honeytokens (09:46) Role of Honeytoken in Supply Chain (11:02) Deploying and managing Honeytokens (13:12) Incident response with Honeytokens (15:01) What companies should use Honeytokens? (16:05) What if the key is deleted !
Resources:
You can find out more about Honeytokens & GitGuardian here!
See you at the next episode!
Google Cloud Security Pentesting Methodology
Penetration Test of a Web Application hosted on Google Cloud in 2023 is quite different to just a simple/traditional web app pentesting.
Cloud Penetration testing is misunderstood to be just config review in Google Cloud. In this video, we have Kat Traxler who is a cloud security researcher, SANS Course author and has worked in the Google Cloud space to even build open source tools that can be used to perform cloud security testing.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Kat Traxler ( Kat Traxler's Linkedin )
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(04:17) A bit about Kat Traxler
(05:56) Pentesting in GCP vs AWS
(08:07) Config review vs cloud pentesting
(09:24) Cloud pentest vs Traditional Pentest
(10:28) Starting to do GCP pentesting
(12:35) Common services used in GCP
(14:10) Low hanging fruits in GCP
(15:25) What are default service accounts?
(17:52) You may already have google cloud
(20:00) How to persist access in Google Cloud?
(21:56) Shared responsibility in GCP
(24:01) Common TTPs in GCP
(28:05) Is there SSRF in GCP?
(30:19) Open source tools for cloud pentest
(33:59) Fun questions
Resources that Kat shared during the episode
- The Google Cloud Adoption Framework
- Google Cloud Org Policy Bot
- GCAT Threat Horizons Report
- Pacu
- Microburst
- DeRF
- Stratus
See you at the next episode!
Network Pentest 2.0 : The Cloud Pentest Revolution
Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bishop Fox to clarify the myth.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Seth Art's Linkedin (Seth Art Linkedin)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Question
(00:00) Introduction
(05:17) A bit about Seth Art
(06:44) Network vs Infrastructure Security Pentest
(08:00) Internal vs External Network Security Pentest
(10:26) Assumed vs Objective Based Pentest
(12:51) Is network pentest dead?
(14:04) How to approach network and cloud pentests?
(20:12) Cloud pentest is more than config review
(24:04) Examples of cloud pentest findings
(30:07) Scaling pentests in cloud
(32:25) Traditional skillsets to cloud pentest
(36:58) A bit about cloudfoxable
(39:31) Cloud pentest and Zero Trust
(40:54) Staying ahead of CSP releases
(44:31) Third party shared responsibility
(47:35) 1 fun question
(48:36) Boundary for cloud pentest
(52:21) Last 2 fun questions
These are some of the resources that Seth shared during the episode along with the tools he has created
See you at the next episode!
Google Cloud Hacking Red Team Perspective!
Google cloud hacking or pentesting is very different to other popular cloud service providers like aws or azure. In this episode we had Shannon McHale (Mandiant now Google Cloud) to talk about how she approaches pentesting a google cloud environment and how you can too.
Episode YouTube: Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Shannon McHale's Linkedin (Shannon's Linkedin)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(03:38) A bit about Shannon McHale
(05:31) What is Red Teaming?
(06:42) Red Teaming in the Cloud
(07:50) Methodology behind Red Teaming
(09:32) Pentesting in Goole Cloud
(10:28) Low hanging fruits in Google Cloud
(14:36) GCP storage
(16:09) Red Team Assessment in Google Cloud
(17:08) The importance of Metadata
(18:17) Recommendations for Blue Teamers
(22:03) How to get started in Red Teaming?
(26:06) Tools or Research that stood out for Shannon
(27:42) GCP Resources that can be exposed
(29:15) Resources to learn about Cloud Red Teaming
(30:37) The Fun Questions
These are some of the resources Shannon found helpful to learn about Pentesting in Cloud along with her own GitHub link
See you at the next episode!
Cloud Security in the BoardRoom - CISO Perspective with Phil Venables
CISOs in organizations that are going through digital transformation have a responsibility of educating the board on how Cloud Security is measured and improved on to manage the risk posture of the organization. We had Phil Venables, CISO of Google Cloud share from his experience of serving as a CISO for so many years on how to best share cybersecurity and cloud security metrics with the c-suite and the board.
Episode YouTube Video Link
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Phil Venable's Linkedin (Phil's Linkedin)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(03:02) A bit about Phil Venables
(04:17) Are boards talking about Cloud Security?
(05:47) Security Metrics to show to the board
(07:48) Are Security Metrics seasonal?
(10:23) Aligning security metrics to business goals
(13:59) Educating the board about Cloud Security
(15:50) CISOs should be braver
(18:42) 3 Security Metrics to start with
(25:25) Setting the risk appetite as a organisation
(27:11) Essential attributes for a CISO
(29:14) What makes a successful security program?
(32:18) Skillsets required to become a CISO
(36:49) The fun questions
See you at the next episode!
Google Cloud IAP - A Pentester Viewpoint
Google Cloud Security Assessment from a pentester's lens. Anjali from NotSoSecure will be sharing her research into Google Cloud IAP & finding ways to assess the use of Google Cloud IAP in your environment and what are some of the low hanging fruits that you can remove today to reduce any potential risk from the service to your Google Cloud environment.
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Anjali S's Linkedin (Anjali S)
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(04:31) A bit about Anjali Shukla
(05:23) What is GCP IAP?
(07:18) Why is IAP so important?
(09:55) IAP and Identity Federation
(11:34) SSH vs Jump Box
(13:57) GCP IAP vs AWS Cognito
(16:22) Misconfigurations in GCP IAP
(23:17) Potential security scenarios
(25:45) Cloud Security Assessment in GCP
(28:13) Doing your own cloud security assessment
(30:49) The Fun Questions
See you at the next episode!
Doing Google Cloud Security RIGHT!
AWS Landing zones are well known but not as much in the Google Cloud space. In this episode we have Jimmy Barber shares how controls can be automated in GCP to create landing zone to manage security across a large google environment.
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Jimmy Barber's Linkedin Jimmy Barber
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(03:10) A bit about Jimmy Barber
(05:42) Transitioning from on-prem to cloud
(07:26) How are things different in GCP?
(09:01) Building blocks of working with GCP
(14:15) What is a landing zone in GCP?
(17:23) Building landing zone in existing GCP environments
(20:04) Using Cloud Native services vs others
(22:59) Security gaps in GCP
(25:15) Non technical challenges moving to cloud and GCP
(28:45) Doing security in GCP
(31:18) Where to start learning about GCP
(32:37) The Fun Section
These are some of the resources Jimmy found helpful when learning GCP Security
See you at the next episode!
An AWS Centric View of Google Cloud Identity
Cloud Security Podcast - Yes - AWS Cloud folks are starting to look after Google Cloud security now in a lot of organisations. Caleb Tennis from Sequoia Capital joins us to share his personal experience on how from being an AWS professional he started looking after Google Cloud Identity and how to secure their Google Cloud Environment.
Episode YouTube Video - https://youtu.be/k1FrVEe1tGc
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Caleb Tennis's Linkedin Caleb Tennis
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
See you at the next episode!
So You WANT TO DO Google Cloud Threat Detection - Start here!
Cloud Security Podcast - Cybersecurity Threat hunting explained for Google Cloud. Day Johnson is a threat detection engineer and in this episode of Cloud security for Google Cloud security we spoke about how to start doing threat detection in Google Cloud, the common threats and attack vectors in GCP
Episode YouTube Video - https://youtu.be/FCVG7-lFu0Q
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Day Johnson's Linkedin (Day - Linkedin)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(02:37) A word from our sponsor snyk.io/csp
(03:11) A bit about Day Johnson
(04:12) Common Threats in GCP
(06:04) Starting Threat Detection in GCP
(07:57) Transitioning to GCP from AWS
(10:53) Threat modelling by Service
(14:27) Where to start with threat detection in GCP
(18:17) Common Threat Vectors in GCP
(21:53) Automatic Threat Detection
(23:13) Services to be mindful of
(26:10) Compute Image Creation
(28:07) Get started in Detection Engineering
(32:45) Helpful resources for Threat Detection
(36:00) The fun questions
These are some of the resources Day found helpful for threat detection in GCP along with some resources he mentioned + his talk
See you at the next episode!
Using Data Perimeters in AWS To Scale Guardrails
Cloud Security Podcast - AWS Network Security, IAM Security or even Organization security for what can happen in your AWS Environments can be achieved using Data perimeter. John Burgress (John - Linkedin) from Stripe spoke about this topic at @fwdcloudsec and shared additional insights on the thinking he had when building data perimeters are guardrails. There were lot more gems dropped so def check out the episode.
Episode YouTube Video - https://youtu.be/Hs9ZEaVG7Ww
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: John Burgress (John - Linkedin)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(03:13) A word from our sponsors
(03:38) A bit about John Burgess
(04:26) Data perimeter in the Cloud
(05:10) Defining data perimeter in AWS
(06:50) Where to start building AWS data perimeter
(08:21) The defense in depth approach 09:09 Approach to enable developers
(10:40) Starting point for building data perimeter
(11:41) Limitations with Data Perimeter
(13:06) Implementing data perimeter for segregation
(15:52) Working with Terraform Modules
(16:34) Goals behind data perimeter controls
(18:31) Proactive detection for third party
(20:00) Data perimeter for other CSPs
(20:42) Challenges in establishing data perimeter
(23:06) Dealing with multiple organisations
(23:35) Learn more about data perimeter
(24:06) The fun section
These are some of the resources John found helpful for data perimeter:
- Establishing a Data Perimeter on AWS: Overview
- Data Perimeter Policy
- ExamplesNetflix: Preventing Credential Compromise
See you at the next episode!
AWS INCIDENT RESPONSE - Automate Containment
Cloud Security Podcast - NIST Incident response framework has 4 steps including one for Containment. AWS Incident Response being API enabled allows for automating a lot of incident response activity especially containment. In this episode with Damien Burks (Damien - Linkedin) spoke about his @fwdcloudsec talk where he shared how he automated Incident Response in AWS environments of Citi. There were lot more gems dropped so def check out the episode.
Episode YouTube Video - https://youtu.be/IrLuHMLQs_w
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Damien Burks (Damien - Linkedin)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction (00:13) A word from our sponsors - Snyk.io/csp (01:16) A bit about Damien Burks (02:24) Incident Response in the cloud context (03:50) Is incident response different in the cloud? (05:22) Average time for an incident response (07:33) AWS services for incident response automation (08:55) AWS Eventbridge (11:56) The phases of incident response (13:42) Containment Phase: Starting point and challenges (17:54) Organisation with Multiple Accounts (20:09) How to structure the process (21:04) Containment for EC2 instance (23:54) Enjoying this cloud security topic so far?
(25:17) Containment for S3 Bucket (27:57) Where to start with incident response (30:18) Preparing for Incidents (32:08) Fun Questions
See you at the next episode!
Cloud Security Baseline For Scale
Cloud Security Podcast - Automating a Security Baseline in Cloud with Olivia Siow (Olivia's Linkedin) and David Levitsky (David's Linkedin). In this episode Olivia and David shared their experience of how they were able to empower developers to always do the right thing through positive reinforcements like making default libraries as part of the AWS Account build to scale security across their organisation. There were lot more gems dropped so def check out the episode.
Episode YouTube Video - https://www.youtube.com/watch?v=8kpiDcowl2A
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Olivia Siow (Olivia's Linkedin) and David Levitsky (David's Linkedin)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
Spotify TimeStamp for Interview Questions
A word from our sponsors - you can visit them on snyk.io/csp
(00:00) Introduction
(04:16) A bit about Olivia Siow
(04:31) A bit about David Levitsky
(04:54) Cloud Security Baseline
(06:38) Do all organisations need a cloud security baseline?
(07:16) Does cloud security baseline help with scaling?
(07:34) Success Metrics for establishing cloud security baseline
(10:41) The cultural side of building a baseline
(11:40) Anatomy of AWS Cloud Account at Scale
(12:58) Building Blocks of Cloud Security Baseline
(16:54) Non Technical Challenges
(19:24) Organisation Challenges
(21:41) Would larger organisations have multiple baselines?
(23:34) Baseline for Multicloud or hybridcloud
(26:10) Use case with terraform cloud and route 53
(30:26) What telemetry is important
(32:36) Segregating Logs in a cloud context
(33:58) Can be done with any cloud and tool of choice
(34:43) Baseline vs CNAPP + CSPM
(37:56) Team skill requirement
(39:16) The fun section
(45:13) Where can you connect with Olivia and David to continue the conversation
See you at the next episode!
AWS ReInforce 2023 Recap & Highlights
Cloud Security Podcast - AWS ReInforce 2023 or AWS Re:inforce 2023 highlights in a recap from the 2 Day affair for all things AWS Cloud Security! We were lucky enough to be there. This is a recap of the major announcements and highlights from major themes around the event.
Episode YouTube Video - https://www.youtube.com/watch?v=UhVBvnmmfnQ
Cloud Security Podcast Website - www.cloudsecuritypodcast.tv
FREE CLOUD Security BOOTCAMP - www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Timeline
(00:00) Introduction
(02:20) What is AWS re:inforce?
(04:33) Neha Rungta explains Verified Access
(05:38) Neha Rungta explains Verified Permissions
(07:53) What verified permissions means for you!
(09:35) Amazon EC2 Connect Endpoint
(11:08) Amazon GuardDuty Updates
(12:42) Amazon Inspector Code Scan for Lambda function
(14:26) Amazon Inspector SBOM Export
(17:35) Amazon Code Whisperer
(18:00) Amazon Code Guru
(20:15) Finding groups in Amazon Detective
(22:25) Dual Layer Encryption for AWS S3
(23:18) AWS Global Partner Security Initiative
(26:12) Key Themes from AWS re:inforce
(26:45) Shared Responsibility Model
(27:56) Cloud Security Newsletter
(30:04) Generative AI
(31:29) Amazon Bedrock
(34:04) Shift from ransomware to wiperware
(35:29) Nancy Wang explains AWS Backup Vault Lock
(37:18) Nancy explains double encryption with S3 Bucket
(38:41) Nancy explains how vault helps with data loss.
(40:20) AWS Backup Vault Lock
(41:55) Zero Trust and Identity
(45:03) DevSecOps
(46:47) How GenAI will impact cloud security roles?
(49:32) Amazon Security Lake
(52:26) Quantum Computing
See you at the next episode!
Will Application Security Eat Cloud Security for Lunch!
Cloud Security Podcast - Tanya Janca and Caroline Wong were on a panel with @AshishRajan at @RSAConference 2023. The Topic for the panel discussed what's the space of application security with cloud security or is it more they need to be separate camps.
Episode YouTube Video - https://www.youtube.com/watch?v=WSIykXAy6Z4
Cloud Security Podcast Website - www.cloudsecuritypodcast.tv
FREE CLOUD Security BOOTCAMP - www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Twitter: Tanya Janca (@shehackspurple)
Guest Twitter: Caroline Wong (@CarolineWMWong)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
See you at the next episode!
AI Security - Can LLM be Attacked?
AI Security Podcast - ChatGPT and other Generative AI use Large Language Model (LLM) but can these AI systems be attacked? ☠ 🤔 . In this 3 part AI Security series from Cloud Security Podcast Original episode, we're going to talk about the importance of AI security and how to protect your Language Model aka llm program from attack. How can LLMs be attacked by malicious threat actors - beyond the phishing email that everyone has been talking about. Who is this episode for? If you work with LLMs used by AI system or working on securing of internal LLM being built; then you would this video helpful in understanding the types of attacks that be used against a LLM.
Useful Resources are listed here: - NIST AI Risk Management Framework - https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf - Attack Mitre for LLM - Atlas https://atlas.mitre.org/ - OWASP Top 10 LLM - https://owasp.org/www-project-top-10-for-large-language-model-applications/descriptions/ - The AI Attack Surface Map v1.0 - Daniel Miessler, Unsupervised Learning - https://danielmiessler.com/blog/the-ai-attack-surface-map-v1-0/
YouTube Link to the Episode - https://youtu.be/Yl9qqt9C5lE
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
FREE CLOUD BOOTCAMPs on www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Episode
(00:00) Intro (00:49) LLM Explained (01:40) LLM Application Input Prompts (03:01) Data used by LLM Applications (04:58) LLM Applications Themselves (08:15) Infrastructure used to host LLM Application (11:11) What about Responsive AI (12:05) Ways to protect LLM Applications against these attacks (13:00) Useful Resources for AI Security (13:30) How do you defend against AI Attacks? (13:38) Outro - Thank you for watching & Subscribing
See you at the next episode!
What is DevSecOps? DevSecOps with Cloud & AI explained for 2023
Cloud Security Podcast - What is DevSecOps in 2023 especially in a world of Cloud and AI which is top of mind for both application security, developers, cybersecurity professionals. In this episode we will share how the updated definition of DevSecOps in 2023 has been redefined with Cloud and AI, also how does one measure success for DevSecOps.
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
FREE CLOUD BOOTCAMPs on www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Episode
(00:00) Intro
(02:01) Did Cloud enable DevSecOps
(03:43) Speed of Security in DevSecOps built on Cloud
(05:05) What is DevSecOps explained for 2023
(05:51) DevSecOps RoadMap
(08:25) DevSecOps Program Components in 2023
(10:55) Chatgpt Joke on Developers and DevSecOps
(11:43) How do you measure DevSecOps success?
(12:21) Generative AI impact on DevSecOps
(14:02) Thank you for watching & Subscribing
See you at the next episode!
Evolution of Kubernetes Security | KubeCon EU 2023
Cloud Security Podcast - we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the final episode in this series Kubernetes Security Panel from KubeCon EU 2023. Kubernetes Security has evolved since it's inception with many defaults being more secure and some still insecure or has it not evolved at all. Andrew Martin (Control Plane), Matt Jarvis (Snyk), Kerim Satirli (Hashicorp) were on the Kubernetes Security Panel organized by Cloud Security Podcast.
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
FREE CLOUD BOOTCAMPs on www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Andrew Martin (Control Plane), Matt Jarvis (Snyk), Kerim Satirli (Hashicorp)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
(00:00) Introduction
(04:28) A bit about Kerim, Andy and Matt
(05:13) What is Kubernetes?
(06:49) How do you describe Cloud Native Security?
(10:21) How Kubecon and Kubernetes has changed over the years?
(15:56) The growing presence of security in Kubecon
(22:10) Cloud Security and Cloud Native Security
(23:00) Maintenance of Kubernetes
(24:17) Shared Responsibility Model
(27:37) Single Cluster vs Multi Cluster
(34:34) Failure of Workload Identity
(36:11) Recommendations for learning
(42:06) Disaster Recovery for Kubernetes
(47:51) ChatGPT - Problem, Solution or Fad?
See you at the next episode!