Cloud Security عمومی
[search 0]
بیشتر
برنامه را دانلود کنید!
show episodes
 
Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud. We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security. We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Fa ...
  continue reading
 
Welcome to the Cyber Security & Cloud Podcast #CSCP where we will explore the dark secret of cloud and cyber. The podcast focuses on people and their stories and explores the human element that brings so many people together Some episode will be for the well-seasoned cybersecurity veteran but most are about stories of infosec people and how they reach where they are now. The focus and various stream of the podcast is Cybersecurity, Cloud Security, Application Security Social Engineering, and ...
  continue reading
 
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or ju ...
  continue reading
 
Security on Cloud explores the ups and downs, and ins and outs of cloud security like no other podcast. Hear interviews with industry heavyweights, analysts, and technologists in the cloud security and compliance space. You can receive the insights you need to navigate security and compliance in this new cloud-driven world. Also, hear about high-level trends that face the cloud security industry that you need to be on top of to stay ahead. How to deal with compliance nightmares, how the whol ...
  continue reading
 
Loading …
show series
 
Guest: Dr Gary McGraw, founder of the Berryville Institute of Machine Learning Topics: Gary, you’ve been doing software security for many decades, so tell us: are we really behind on securing ML and AI systems? If not SBOM for data or “DBOM”, then what? Can data supply chain tools or just better data governance practices help? How would you threat …
  continue reading
 
Get ready to embark on a captivating journey into application security with our guest, Chris Ghigliotty, Director of Security Engineering at JustWorks. A man of many talents, Chris hails from a background in teaching and writing, which lends him a unique perspective on the importance of communication within the cybersecurity industry. We promise yo…
  continue reading
 
Kubernetes security cannot just be Kubernetes but it is like security of a datacenter within another datacenter. In this episode with Tim Miller we spoke about CNAPP, how to approach kubernetes security. Thank you to our episode sponsor ⁠Outshift by Cisco Guest Socials: Tim's Linkedin ⁠(⁠@timothyemiller⁠)⁠ Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@Clo…
  continue reading
 
Kim Kischel is a good friend of our podcast team. We talked to her in 2019 when Ignite was much bigger and the world wasn't aware of what an pandemic is. In the meanwhile Kim is Director for Marketing of the whole Defender XDR suite - and this is exactly what we talk about with her. Its great to see and hear her excitement about the product - was r…
  continue reading
 
One of the greatest benefits of traveling around the world is meeting new people and making new friends. My guest on episode 53 is a highly accomplished international executive whom I only met about a year ago but today I consider him a dear friend. A brilliant *data-centric* executive who has been working in BI for decades...this is a terrific epi…
  continue reading
 
SaaS Applications support large companies, small startups. We inevitably accumulate SAAS applications to manage our employees, payroll, communication with things like Workday, Slack, Salesforce and now even things like ChatGPT. But how do you find out what you have and if they are secure. We spoke about all things SSPM with Max Feldman who has done…
  continue reading
 
Lavanya Lakshman is a Director for Product Management at Microsoft and working on one of the most exciting topics Microsoft is currently focusing on: Copilot. Together with our friend Oliver Kieselbach we talk with Lavanya about Copilot in Intune, Security Copilot and how all this interacts.
  continue reading
 
Paul Huijbregts is a Principal Product Manager for Defender for Endpoint and a legend in the team. We talk about the latest improvements he and his team is working on, like for example MDE for Windows Subsystem for Windows.
  continue reading
 
Guests: John Stoner, Principal Security Strategist, Google Cloud Security Dave Herrald, Head of Adopt Engineering, Google Cloud Security Topics: In your experience, past and present, what would make clients trust vendor detection content? Regarding “canned”, default or “out-of-the-box” detections, how to make them more production quality and not me…
  continue reading
 
We had the honor to host Alex Weinert and Etan Basseri on our podcast. Alex is a vice president at Microsoft and responsible for multiple identity security topics. Etan is an old friend of us and he is a product manager in Ales' team. Together we talk identity security in Microsoft products and Alex' vision on identity security. This episode is a m…
  continue reading
 
Our guest James Key is a Senior Product Manager at Microsoft and working on Security Copilot. We dive into this brand new product, its capabilities and the future of SOC and Blue Team work. We had a blast talking with James, the future is going to be very interesting. https://www.linkedin.com/in/jameskeyholisticsecurity/…
  continue reading
 
Guest: Miceile Barrett (Product Manager at Microsoft) https://www.linkedin.com/in/miceile-barrett https://twitter.com/MSFTMiceile We talked about the Next Generation of OneDrive. Colored folders, Mac support, OneDrive limits and more with Miceile from the OneDrive Team. Unveiling the Next Generation of OneDrive https://techcommunity.microsoft.com/t…
  continue reading
 
Guest: Joe Fernandez (Product Manager at Microsoft) https://www.linkedin.com/in/fernandezjoe/ https://twitter.com/fdezjose We talk about the Ignite Announcements of Copilot Studio and Power Automate in general. Introducing Microsoft Copilot Studio and new features in Copilot for Microsoft 365  | Microsoft 365 Blog…
  continue reading
 
Tiander Turpijn is Principal Program Manager at Microsoft and working on the integration of the Microsoft 365 Defender Portal and the Sentinel Portal. We discussed with Tiander what we can expect from this new unified portal. Tiander on LinkedIn: https://www.linkedin.com/in/tianderturpijnTiander on X: https://x.com/TianderTurpijn?s=20…
  continue reading
 
Eben ist die Keynote fertig und wir haben uns kurz hingesetzt und all die Copiloten und AIs sortiert. Das Setup ist noch etwas frisch und bei unseren Gästen für den Rest des Tages bekommen wir auch das Audio besser hin. Haltet durch.
  continue reading
 
This is the second time we've had the privilege of having Sean on Talking Cloud. Now Sean is the Head of Information Security and Compliance at KinderCare Education. With over 1,400 KinderCare centers in 40 states and more than 200,000 enrolled children, Sean has his hands full. Hear all about it in this episode. *NOTE* This is the second of the th…
  continue reading
 
In this episode, we have a fantastic discussion with a long-time friend, colleague, and amazingly technical executive, Steve DeJong. Steve has decades of technical experience with the internet, security, and software development. He is currently the Distinguished Engineer for Vercara - Previously, Neustar Security Services. (FYI-I looked everywhere…
  continue reading
 
Guest: Adrian Sanabria, Director of Valence Threat Labs at Valence Security, ex-analyst Topics: When people talk about “cloud security” they often forget SaaS, what should be the structured approach to using SaaS securely or securing SaaS? What are the incidents telling us about the realistic threats to SaaS tools? Is the Microsoft 365 breach a Saa…
  continue reading
 
Threat detection is often limited to popular cloud services, so whats happening to all the "not so popular or commonly known" cloud services in your environment? We are speaking to Suresh Vasudevan, CEO of Sysdig about challenges typically companies find with this space and what should be the approach for threat detection. If you feel you are looki…
  continue reading
 
Guest: Kelli Vanderlee, Senior Manager, Threat Analysis, Mandiant at Google Cloud Topics: Can you really forecast threats? Won’t the threat actors ultimately do whatever they want? How can clients use the forecast? Or as Tim would say it, what gets better once you read it? What is the threat forecast for cloud environments? It says “Cyber attacks t…
  continue reading
 
Not Escaping Containers but escaping Clusters - Managed Kubernetes distributions such as Amazon EKS, Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS) attack vectors can allow you to reach the underlying AWS Account etc. In conversation with Christophe Tafani-Dereeper & Nick Frichette, from Datadog on how this is possible in Amazon …
  continue reading
 
You know that feeling when you are unsure if you AWS secret that leaked is still available for use. There is no easy way to check this apart from looking in AWS to see if anyone used it. Turns out there could be another way.We have Ziad Ghalleb from GitGuardian to share free tool they released to help people look up if their secret was exposed on G…
  continue reading
 
Christopher Russell is the CISO at tZERO Group, a Mesh Security advisor, and a NightDragon Advisor. He is currently getting a PhD in Cybersecurity with a focus on Blockchain Security at DSU. His military intel background helps him keep cool under even the most stressful work situations. In this episodes, Francesco and Chris discuss identity and sec…
  continue reading
 
Guest: Wei Lien Dang, GP at Unusual Ventures Topics: We have a view at Google that AI for security and security for AI are largely separable disciplines. Do you feel the same way? Is this distinction a useful one for you? What are some of the security problems you're hearing from AI companies that are worth solving? AI is obviously hot, and as alwa…
  continue reading
 
Nick McLaren is a Senior Cloud Security Engineer at an Enterprise and he transitioned to this role from a Cloud Security Engineer at a Startup. On this episode he shared with us, how the roles differ between an enterprise and startup, what skills you require to become a senior cloud security engineer and what a day look like in a life of cloud secu…
  continue reading
 
Guest: Jay Thoden van Velzen, Strategic Advisor to the CSO, SAP Topics: What are the challenges with shared responsibility for cloud security? Can you explain "shared" vs "separated" responsibility? In your article, you mention “shared faith”, we have “shared fate”, but we never heard of shared faith. What is this? Can you explain? What about the c…
  continue reading
 
Guest: Kathryn Shih, Group Product Manager, LLM Lead in Google Cloud Security Topics: Could you give our audience the quick version of what is an LLM and what things can they do vs not do? Is this “baby AGI” or is this a glorified “autocomplete”? Let’s talk about the different ways to tune the models, and when we think about tuning what are the way…
  continue reading
 
Guests: Tomer Schwartz, Dazz CTO Topics: It seems that in many cases the challenge with cloud configuration weaknesses is not their detection, but remediation, is that true? As far as remediation scope, do we need to cover traditional vulnerabilities (in stock and custom code), configuration weaknesses and other issues too? One of us used to cover …
  continue reading
 
Steve Springett is the Director of Product Security at ServiceNow, helping 4,000+ developers build secure and resilient software. He’s a leader of multiple OWASP projects including Dependency Track, SCVS, and Cyclone DX. In this conversation, Steve and Francesco discuss the term SBOM (software bill of materials), the importance of regulations, and …
  continue reading
 
Host: Stephanie Wong, Product Manager, Google Cloud Guests (yes, really, we are the guests!): Anton Chuvakin Tim Peacock Topics: Could you tell us how you ended up in security? What was the moment you realized that Cloud security was different from well, regular, security? Anton is always asking this “3AM test”, where did that come from? How do you…
  continue reading
 
BlackHat 2023 and Defcon 31 Roundup were the breeding ground for new and existing hackers to come together and share what to look out for in 2023 and 2024. The skills that stood out were- Identity- Cloud Infrastructure Security- CI/CD Security- Preventative Security- Data Security Do you agree? Episode YouTube: ⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Hos…
  continue reading
 
Guest: Jeremiah Kung, Global Head of Information Security, AppLovin Topics: Before we dive into all of the awesome cloud migrations you’ve experienced and your learnings there, could we start with a topic of East vs West CISO mentality? We are talking to more and more CISOs who see the cloud as a net win for security. What’s your take on whether th…
  continue reading
 
Michael Piacente has been helping companies find Security Executives (CISO) for a long time for some household name companies like Lyft, Instacart, Airbnb and more . In episode we speak about his current passion for Cloud Native CISOs what they are and what kind of skills should they work on to become CISO in the Cloud native world most organizatio…
  continue reading
 
Christophe Parisel is a Senior Cloud security architect at Société Générale. He has extensively researched risk vulnerability and native cloud security. He specializes in IaaS, PaaS, and devSecOps. Two of his major contributions to the Cloud are Azure Firewall and Azure Policy. When asked, he says he’s is optimistic about the future of Cloud securi…
  continue reading
 
Guest: Andrew Hoying, Senior Security Engineering Manager @ Google Topics: What is different about system hardening today vs 20 years ago? Also, what is special about hardening systems at Google massive scale? Can I just apply CIS templates and be done with it? Part of hardening has to be following up with developers after they have un-hardened thi…
  continue reading
 
Understanding Software Supply Chain security threats for Terraform which has been the default for Infrastructure as Code is important. in this episode Mike Ruth is sharing his experience of working on securing Terraform Cloud/Terraform Enterprise - no open source was harmed in the making of this episode. Episode YouTube: ⁠⁠⁠ ⁠⁠⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠⁠…
  continue reading
 
DSPM or Data Security Posture Management with Yotam Segev from Cyera: Most security teams have known about data challenges in their organization and some of them are put in the too hard to solve right now bucket. Yotam came on the show to talk about who should own and manage data security programs and what can a data security roadmap look like for …
  continue reading
 
Guest: Chris Corde, Sr Director of Product Management - Security Operations, Google Cloud Topics: You cover many products, but let’s focus on Chronicle today. An easy question: Chronicle isn’t an XDR, so what is it? Since you’ve joined the team, what’re you most proud of shipping to clients? Could you share more about the Mandiant acquisition, what…
  continue reading
 
Travis McPeak is a security generalist with over a decade of experience working at several companies including Databricks, Netflix, IBM, HP, and Symantec. He’s the Co-Founder and CEO of Resourcely, whose goal is to create a paved road to secure, efficient, and easy to manage cloud infrastructure. In this conversation, Travis shares his biggest take…
  continue reading
 
Guest: Rosemary Wang, Developer Advocate at HashiCorp Topics: Could you give us a 2 minute picture on what Terraform is, what stages of the cloud lifecycle it is relevant for, and how it intersects with security teams? How can Terraform be used for security automation? How should security teams work with DevOps teams to use it? What are some of the…
  continue reading
 
Is it code to cloud or cloud to code with Harshil Parikh from Tromzo: A lot of leaders today face the inevitable question of should i start with the code or the cloud first. Harshil Parikh from Tromzo was kind enough to share his CISO experience on the topic on what each of these are and what can CISOs priortise in their programs. Episode YouTube: …
  continue reading
 
Josh Lemos former CISO of Block and the current CISO of GitLab comes from a pentester background and made his way to become a CISO. We were lucky enough to interview him during the hacker summer camp on his journey, his experience in AI, takeaway from BH CISO summit and types of CISOs & more.Episode YouTube: ⁠⁠ ⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠ Host Twitter: As…
  continue reading
 
Guests: no guests, all banter, all very fun :-) Topics: How is Google Next this year? What is new in cloud security? Is Google finally a security vendor? What are some of the fun security presentations we've seen, including our own? Any impactful launches in security? What was the most interesting overall? Resources: “Next 2023 Special: Building AI…
  continue reading
 
Guest: Eric Doerr, VP of Engineering, Google Cloud Security Topics: You have a Next presentation on AI, what is the most exciting part for you? We care both about securing AI and using AI for security. How do you organize your thinking about it? Executive surveys imply that trusting an AI (for business) is still an issue. How can we trust AI for se…
  continue reading
 
Karl Fosaaen, the author of Penetration Testing "Azure for Ethical Hacker" and the VP of Research at NetSPI, came as a guest to share why the penetration Test of a Web Application hosted on Azure Cloud in 2023 is quite different to just a simple/traditional web app pentesting and the skills you need to pentest Azure environments.Cloud Penetration t…
  continue reading
 
Can Honeytokens be used in your supply chain security? Turns out we can! We spoke to Mackenzie Jackson ( @advocatemack ) from @GitGuardian about the benefits of using Honeytokens, which organisations can benefit from them and whats involved in deploying them and next steps once they are triggered. Episode YouTube: ⁠ ⁠⁠Video Link⁠⁠⁠⁠⁠ Host Twitter: …
  continue reading
 
Penetration Test of a Web Application hosted on Google Cloud in 2023 is quite different to just a simple/traditional web app pentesting. Cloud Penetration testing is misunderstood to be just config review in Google Cloud. In this video, we have Kat Traxler who is a cloud security researcher, SANS Course author and has worked in the Google Cloud spa…
  continue reading
 
SQL Server DBAs and IT Ops teams often need to balance database performance and application uptime against necessary backup operations for recovery scenarios. This equation gets more complicated when dealing with SQL Server in the cloud. Renowned database technologist David Klee, Founder and Chief Architect of Heraflux Technologies, shares his insi…
  continue reading
 
Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bish…
  continue reading
 
Loading …

راهنمای مرجع سریع