با برنامه Player FM !
The Role of Cloud Security Research in 2024
Manage episode 443220594 series 2853525
Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find out vulnerabilities, improve detection tools, and safeguard data.
Guest Socials: Scott's Linkedin + Scott's Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:07) A bit about Scott Piper
(02:48) What is a Cloud Security Research Team?
(04:30) Difference between traditional and Cloud Security Research
(07:21) Cloud Pentesting vs Cloud Security Research
(08:10) What is request collapsing?
(10:26) GitHub Actions and OIDC Research
(13:47) How has cloud security evolved?
(17:02) Tactical things for Cloud Security Program
(18:41) Impact of Kubernetes and AI on Cloud
(20:37) How to become a Cloud Security Researcher
(22:46) AWS Cloud Security Best Practices
(26:35) Trends in AWS Cloud Security Research
(28:11) Fun Questions
(30:22) A bit about fwd:cloudsec
Resources mentioned during the interview:
Wiz.io - Cloud Security Podcast listeners can also get a free cloud security health scan
Avoiding security incidents due to request collapsing
A security community success story of mitigating a misconfiguration
CTFs
286 قسمت
Manage episode 443220594 series 2853525
Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find out vulnerabilities, improve detection tools, and safeguard data.
Guest Socials: Scott's Linkedin + Scott's Twitter
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:07) A bit about Scott Piper
(02:48) What is a Cloud Security Research Team?
(04:30) Difference between traditional and Cloud Security Research
(07:21) Cloud Pentesting vs Cloud Security Research
(08:10) What is request collapsing?
(10:26) GitHub Actions and OIDC Research
(13:47) How has cloud security evolved?
(17:02) Tactical things for Cloud Security Program
(18:41) Impact of Kubernetes and AI on Cloud
(20:37) How to become a Cloud Security Researcher
(22:46) AWS Cloud Security Best Practices
(26:35) Trends in AWS Cloud Security Research
(28:11) Fun Questions
(30:22) A bit about fwd:cloudsec
Resources mentioned during the interview:
Wiz.io - Cloud Security Podcast listeners can also get a free cloud security health scan
Avoiding security incidents due to request collapsing
A security community success story of mitigating a misconfiguration
CTFs
286 قسمت
همه قسمت ها
×به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.