Cloud Security Podcast by Google
Anton Chuvakin
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.
We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.
We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.
We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.
We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.
Episodes
Mentioned books
7 snips
Sep 1, 2025 • 32min
EP241 From Black Box to Building Blocks: More Modern Detection Engineering Lessons from Google
Rick Correa, Uber TL for Google SecOps and expert in detection engineering, shares his journey of scaling curated detections from a mere 70 to over 4,700 rules. He discusses the pivotal lessons learned and the importance of user-friendly interfaces to alleviate customer friction. The conversation dives into the distinction between 'Detection-as-Code' and advanced software engineering practices, emphasizing the need for unit testing and performance reviews. Correa introduces the 'Goldilocks Zone' for detections and provides practical examples of building blocks for enhancing security against threats like VPN and Tor traffic.
Aug 25, 2025 • 29min
EP240 Cyber Resiliency for the Rest of Us: Making it Happen on a Real-World Budget
Errol Weiss, Chief Security Officer at Health-ISAC, dives deep into the world of cyber resilience in the healthcare sector. He stresses the importance of moving from a focus on 'just cybersecurity' to a broader emphasis on digital resilience. With practical tips, he shares how even under-resourced organizations can enhance their security without breaking the bank. Weiss highlights the need for basic hygiene in cybersecurity and advises on evaluating vendor security to prevent hacks. His insights shine a light on the path to stronger cyber defenses.
18 snips
Aug 18, 2025 • 25min
EP239 Linux Security: The Detection and Response Disconnect and Where Is My Agentless EDR
Craig H. Rowland, Founder and CEO of Sandfly Security, discusses crucial Linux security insights relevant to diverse environments including cloud and hybrid setups. He addresses significant blind spots for security teams and the misconception that Linux is immune to malware threats. The conversation covers the dangers of SSH key management, operational hurdles in incident response, and the subtle abuse of legitimate Linux utilities in attacks. Rowland also explores the benefits and trade-offs of agentless vs. agent-based monitoring, enhancing security through AI and innovative strategies.
Aug 11, 2025 • 32min
EP238 Google Lessons for Using AI Agents for Securing Our Enterprise
Dominik Swierad, Senior Product Manager for D&R AI and Sec-Gemini, shares his insights on implementing AI agents within Google's security framework. He discusses strategies for building trust among security professionals and identifies key use cases for AI integration. Swierad emphasizes the importance of high-quality data and structured methodologies for evaluating AI performance. He also highlights the evolving roles of security engineers amidst rising automation and raises concerns about how threat actors might exploit similar technologies.
Aug 4, 2025 • 29min
EP237 Making Security Personal at the Speed and Scale of TikTok
Kim Albarella, TikTok's Global Head of Security, shares her expertise in user safety and compliance. She offers essential tips for online security, emphasizing two-step verification and password management. The conversation dives into navigating global compliance challenges, highlighting the balance between local regulations and a unified security approach. Kim also discusses innovative training methods, using TikTok videos to foster a strong internal security culture, making cybersecurity relatable and engaging in today’s digital landscape.
8 snips
Jul 28, 2025 • 27min
EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
Manija Poulatova, Director of Security Engineering and Operations at Lloyd's Banking Group, shares her insights on transforming Security Operations Centers. She reveals her accelerated SIEM migration journey and the challenges faced in balancing people, processes, and technology. The discussion touches on innovative composite alerting techniques and the 'funnel model' for detection. Manija also emphasizes the need for agile methodologies and offers advice for security leaders on successfully integrating AI into their teams. Her experience is a treasure trove for anyone in the cybersecurity field!
Jul 21, 2025 • 34min
EP235 The Autonomous Frontier: Governing AI Agents from Code to Courtroom
Anna Gressel, a Partner at Paul, Weiss and an expert in AI law, dives into the intricate legal landscape of agentic AI. She discusses the unique risks associated with autonomous decision-making in industries like healthcare and defense. The conversation addresses the need for evolving regulatory frameworks to grapple with liability and responsibility in AI systems. Gressel also highlights the importance of transparency and explainability in AI's decision-making processes, emphasizing how these legal considerations can guide safer AI deployment.
25 snips
Jul 14, 2025 • 38min
EP234 The SIEM Paradox: Logs, Lies, and Failing to Detect
Svetla Yankova, Founder and CEO of Citreno, dives into the paradox of SIEM systems in modern security. Despite hefty investments in logging tools, many organizations fail to detect threats effectively. She discusses challenges like data enrichment and the importance of context for SOC analysts. Svetla also addresses common SIEM pitfalls and the expectations surrounding technology migrations. Additionally, she ponders the role of AI in security, questioning whether it's repeating the past mistakes of SOAR vendors or creating new ones.
7 snips
Jul 7, 2025 • 26min
EP233 Product Security Engineering at Google: Resilience and Security
Cristina Vintila, a Product Security Engineering Manager at Google Cloud, dives into the evolution of security practices at Google, focusing on recent threats like Log4j. She discusses the integration of Site Reliability Engineering principles in detection and response, emphasizing the balance between reliability and security. Vintila highlights the importance of understanding critical data for effective vulnerability management and the need for collaboration between security teams and product engineers to enhance overall product security.
8 snips
Jun 30, 2025 • 32min
EP232 The Human Element of Privacy: Protecting High-Risk Targets and Designing Systems
Sarah Aoun, a Privacy Engineer at Google and former consultant on digital security for a world leader, dives into her unique journey from human rights to tech. She discusses the intricacies of designing privacy into Google's Fuschia operating system, particularly for ambient computing. Aoun highlights the importance of understanding who might be a high-risk target in today’s geopolitical landscape and offers insights on enhancing personal security beyond traditional methods. She emphasizes the collective responsibility of individuals and tech companies in prioritizing user privacy.
