Cloud Security Podcast by Google EP216 Ephemeral Clouds, Lasting Security: CIRA, CDR, and the Future of Cloud Investigations
14 snips
Mar 24, 2025 In this enlightening discussion, James Campbell, CEO of Cado Security, and Chris Doman, CTO, dive into the evolving landscape of cloud security. They clarify the differences between Cloud Detection and Response (CDR) and Cloud Investigation and Response Automation (CIRA), highlighting the critical role automation plays in enhancing security. The conversation explores the challenges of ephemeral cloud infrastructure and its impact on compliance. Listeners will gain insights into how modern SIEM/SOAR systems can integrate with CIRA for better cloud security strategies.
AI Snips
Chapters
Transcript
Episode notes
CIRA's Purpose
- CIRA (Cloud Investigation and Response Automation) addresses the need for automated data capture and deep investigation in cloud environments.
- This is important because cloud investigations often involve ephemeral resources, requiring quick action.
Cloud vs. On-Premise Investigations
- Traditionally, on-premise investigations involved time-consuming tasks like physically retrieving hard drives.
- Cloud changes this by enabling quick access to the same depth of data with a few clicks.
Simplifying Cloud Investigations
- A security analyst at a large US insurer expressed difficulty in automating data collection from diverse cloud technologies.
- Cado Security aims to simplify this by automating data capture and providing familiar views for analysts.