Cloud Security Podcast

What is CADR?

Dec 5, 2024

In this discussion, Shauli Rozen, co-founder and CEO of ARMO Security and an expert in Kubernetes security, dives into the fascinating world of cloud application detection and response (CADR). He highlights the challenges faced in runtime security and critiques traditional CSPM tools. The conversation also covers the 'Four C's' of cloud security—cloud, cluster, container, and code—and emphasizes the crucial role of runtime data using eBPF. Shauli's insights shed light on how Kubernetes is transforming DevOps and security collaboration.

29:04

Creator website

Episode guests

Shauli Rozen

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Cloud security strategy must encompass the four key components: cloud, cluster, container, and code, highlighting the layers attackers exploit.

The emerging concept of Cloud Application Detection Response (CADR) enhances security by integrating diverse data sources for improved threat detection and remediation.

Deep dives

Understanding the Four C's of Cloud Security

Cloud security is conceptualized around four key components: cloud, cluster, container, and code. Each of these 'Cs' represents a distinct layer that potential attackers could exploit to gain access to an organization’s resources. Specifically, cloud detection response (CDR) focuses on monitoring cloud logs and events, while Kubernetes detection response (KDR) emphasizes securing the Kubernetes clusters themselves. The differentiation among these areas highlights the need for a comprehensive security strategy that encompasses all aspects of cloud infrastructure.

Intro

2min

Exploring Kubernetes Security through KubeScape

2min

Enhancing Kubernetes Runtime Security

8min

Navigating Kubernetes Security in Cloud Environments

13min

Exploring Personal Passions Beyond the Waves

2min

Culinary Favorites and Connections in Cloud Security

2min

In this episode, recorded at Kubecon NA in Salt Lake City, we spoke about about Kubernetes security with Shauli Rozen, co-founder and CEO of ARMO Security. From the challenges of runtime protection to the potential of CADR (Cloud Application Detection and Response), Shauli breaks down the gaps in traditional CSPM tools and how Kubernetes plays a central role in cloud security strategy. The episode gets into the "Four C's" of cloud security: Cloud, Cluster, Container, Code, why runtime data, powered by eBPF, is critical for modern security solutions, the rise of CADR and how Kubernetes is reshaping the landscape of DevOps and security collaboration.

Guest Socials: Shauli's Linkedin

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

Questions asked:

(00:00) Introduction

(01:46) A bit about Shauli and ARMO

(02:26) Bit about open source project Kubescape

(03:59) What is Runtime Security in Kubernetes?

(06:50) CDR and Application Security

(08:57) What is ADR and CADR?

(09:55) How is CADR different to ASPM + DAST?

(12:18) Kubernetes Usage and eBPF

(15:35) Does your CSPM do coverage for Kubernetes?

(16:24) What to include in 2025 Cybersecurity Roadmap?

(19:09) Does everyone need CADR?

(21:35) Who is looking at the Kubernetes Security Logs?

(23:17) The future of Kubernetes Security

(25:26) The Fun Section

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cloud Security Podcast

What is CADR?

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding the Four C's of Cloud Security

Runtime Security for Kubernetes

The Emergence of CADR in Security Strategy

Adopting Best Practices for Kubernetes Security

Remember Everything You Learn from Podcasts