Cloud Security Podcast by Google EP233 Product Security Engineering at Google: Resilience and Security
7 snips
Jul 7, 2025 Cristina Vintila, a Product Security Engineering Manager at Google Cloud, dives into the evolution of security practices at Google, focusing on recent threats like Log4j. She discusses the integration of Site Reliability Engineering principles in detection and response, emphasizing the balance between reliability and security. Vintila highlights the importance of understanding critical data for effective vulnerability management and the need for collaboration between security teams and product engineers to enhance overall product security.
AI Snips
Chapters
Transcript
Episode notes
Cristina's Security Career Path
- Cristina Vintila shared her journey from detection and response to product security engineering at Google Cloud.
- She emphasizes continuous learning and humility in the fast-evolving security field.
SRE Principles Apply to Security
- SRE principles like error budgets and blameless retrospectives apply fully to security systems.
- Building secure systems benefits from mature monitoring and minimizing toil, just like any cloud service.
Security Accountability is Business Risk
- Security accountability lies ultimately with the business owner, even if execution is delegated.
- Security risk should be treated as a business risk and integrated into decision making.