In this episode of the Virtual Coffee with Ashish edition, we spoke with Nandesh Guru (Nandesh's Linkedin) about ransomware and supply chain attack mechanisms in AWS and how the world of CSPM have evolved to address the increasing complexities of cloud security 

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter:  Nandesh Guru (Nandesh's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News 

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Ashish's Intro to the Episode

(02:09) https://snyk.io/csp

(03:11 )A bit about Nandesh 

(05:01) 4 Components of Supply Chain Risks

(06:47)Example of AWS Supply Chain Attack 

(10:08) Evaluating code scanning tools 

(12:30) What is ransomware?

(13:06) Ransomware in AWS 

(14:55) Attacks on encryption in AWS

(19:27) What is a CSPM?

(20:46) The role of CSPM and CNAPP in supply chain attacks

(22:56) Is CIS Benchmark still a good starting point?

(26:38) The evolution of CSPMs

(29:47)  Complexity of Cloud Security 

(32:59)Where can you learn more about supply chain risks?

(33:50) Fun Questions