Defense in Depth

Scaling Least Privilege for the Cloud

May 2, 2024

Sandy Bird, Co-founder and CTO of Sonrai Security, joins the podcast to discuss the challenges of scaling least privilege in the cloud. Topics include automating identity security, optimizing cloud access control, and the evolution of attribute-based access control. Discover the importance of just-in-time access permissions and prioritizing assets for enhanced security.

35:00

Creator website

Episode guests

Sandy Bird

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Automating least privilege in cloud environments remains a significant challenge due to scale and complexity.

Starting small by testing least privilege implementation on one app or permission is a wise strategy.

Deep dives

Scaling Least Privilege Automation in Cloud Environments

Automating least privilege in cloud environments poses a significant challenge due to the scale and complexity of the issue. With the continuous creation of machine identities, manual approaches to least privilege are no longer feasible. The necessity to automate this process is crucial, but the envisioning of such automation remains largely theoretical. The approach involves integrating automation tools to manage service and non-human identities consistently across cloud environments, akin to existing automation for end-users.

Introduction

2min

Exploring Automation and Scaling Identity Security in the Cloud

2min

Automating Identity Security in the Cloud

10min

Optimizing Cloud Access Control and Privilege Management

6min

Evolution of Attribute-Based Access Control in Cloud Environments

11min

Exploring Just-in-Time Access Permissions and Prioritizing Assets for Security

4min

All links and images for this episode can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Sandy Bird, co-founder and CTO, Sonrai Security.

In this episode:

Why does scaling least privilege in the cloud remain challenging?
Is throwing more people at the problem feasible?
How are you managing it?
What aspects haven’t been considered?

Thanks to our podcast sponsor, Sonrai Security

A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment. Start a free trial today! sonrai.co/ciso

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Defense in Depth

Scaling Least Privilege for the Cloud

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Scaling Least Privilege Automation in Cloud Environments

Start Small: Testing Least Privilege Implementation

Attribute-Based Access Control vs. Role-Based Access Control

Enhancing Just-in-Time Access and Visibility

Remember Everything You Learn from Podcasts