0-10 subscribers
Looks like the publisher may have taken this series offline or changed its URL. Please contact support if you believe it should be working, the feed URL is invalid, or you have any other concerns about it.
با برنامه Player FM !
پادکست هایی که ارزش شنیدن دارند
حمایت شده
How attackers exploit identity gaps to get into your cloud and SaaS - Paul Nguyen - ESW #401
بایگانی مجموعه ها ("فیدهای غیر فعال" status)
When? This feed was archived on June 19, 2025 01:54 (
Why? فیدهای غیر فعال status. سرورهای ما، برای یک دوره پایدار، قادر به بازیابی یک فید پادکست معتبر نبوده اند.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 476983132 series 2794675
You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.
Segment Resources:
- This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, Iaas, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
- This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IDPs and in the cloud
- Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
- and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs
Show Notes: https://securityweekly.com/esw-401
4527 قسمت
بایگانی مجموعه ها ("فیدهای غیر فعال" status)
When?
This feed was archived on June 19, 2025 01:54 (
Why? فیدهای غیر فعال status. سرورهای ما، برای یک دوره پایدار، قادر به بازیابی یک فید پادکست معتبر نبوده اند.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 476983132 series 2794675
You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.
Segment Resources:
- This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, Iaas, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
- This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IDPs and in the cloud
- Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
- and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs
Show Notes: https://securityweekly.com/esw-401
4527 قسمت
همه قسمت ها
×
1 Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477 33:54

1 Ransomware in your CPU - PSW #874 1:58:19

1 CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Derek Manky, Gunter Ollmann - BSW #395 1:06:28

1 Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476 29:03

1 Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330 1:09:38

1 Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406 2:14:05

1 Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland... - SWN #475 33:52

1 Are You Down With RDP? - PSW #873 2:04:49

1 C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Lenny Zeltser, Dr. Aleksandr Yampolskiy - BSW #394 1:04:40

1 Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen... - Rob Allen - SWN #474 36:47

1 AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Idan Plotnik, Vishal Gupta - ASW #329 1:03:03

1 2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Hed Kovetz, Vivek Ramachandran, Rob Allen, Jason Mical, Alex Pinto, Lori Robinson - ESW #405 1:42:44

1 Security Weekly News Interviews Leaders of NECCDC competition - SWN #473 32:02

1 AI Tips, Tricks, and Traps! - PSW #872 1:37:21

1 Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393 49:58

1 Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472 33:34

1 Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328 44:08

1 The Future of Access Management - Jeff Shiner - ESW #404 39:05

1 The reason for Zoom's outage is crazy, huge funding amounts before RSA - ESW #404 40:37

1 Reviewing the Verizon 2025 Data Breach Investigations Report - ESW #404 40:42

1 Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer... - Malcolm Harkins, Kasimir Schulz - SWN #471 34:02

1 Hacking Crosswalks and Attacking Boilers - PSW #871 2:04:15

1 ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring - Martin Tschammer - BSW #392 1:03:55

1 Brains, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet - SWN #470 31:59

1 Managing Secrets - Vlad Matsiiako - ASW #327 1:03:03

1 Tailscale rakes it in, CVE dead to us, cool Chrome extensions, dog saves toddler - ESW #403 57:56

1 The past, present, and future of enterprise AI - Pravi Devineni - ESW #403 39:13

1 Patch It Like You Stole It: Vulnerability Management Lifestyle Choices - Matthew Toussain - ESW #403 34:44

1 HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469 36:06

1 Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA... - PSW #870 2:06:35

1 Deny By Default as CISOs Battle Platform Fatigue and Show Value to the Board - Danny Jenkins - BSW #391 1:05:34

1 QUBIT AI, Recall This, Defender, Tycoon, Slopsquatting, Feng Mengleng, Aaran Leyland - SWN #468 35:45

1 More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326 1:14:45

1 The rise of MSSPs, CVE drama, Detection Engineering How-To & Doggie Survival Skills - ESW #402 51:20

1 What is old is new again: default deny on the endpoint - Danny Jenkins - ESW #402 36:20

1 I SIEM, you SIEM, we all SIEM for a Data Security Strategy - Colby DeRodeff - ESW #402 35:43

1 Win95, Shuckworm, Ottokit, DCs, EC2, IAB, OSS, Recall, Josh Marpet, and More... - SWN #467 35:45

1 You Should Just Patch - PSW #869 2:05:21

1 Balancing AI Opportunities vs. Risks to Drive Better Business Outcomes - Summer Fowler, Matt Muller - BSW #390 1:02:39

1 DOS, Web Cams, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Josh Marpet... - SWN #466 33:48

1 In Search of Secure Design - ASW #325 1:07:36

1 Best of Cyber April Fools, Tons of Free Tools, runZero positioned to disrupt? - ESW #401 49:54

1 How attackers exploit identity gaps to get into your cloud and SaaS - Paul Nguyen - ESW #401 43:15

1 Soft skills for engineers - Evgeniy Kharam - ESW #401 30:15

1 AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland... - SWN #465 30:51
به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.