Cloud Security Podcast by Google

Anton Chuvakin
undefined
7 snips
Sep 1, 2025 • 32min

EP241 From Black Box to Building Blocks: More Modern Detection Engineering Lessons from Google

Rick Correa, Uber TL for Google SecOps and expert in detection engineering, shares his journey of scaling curated detections from a mere 70 to over 4,700 rules. He discusses the pivotal lessons learned and the importance of user-friendly interfaces to alleviate customer friction. The conversation dives into the distinction between 'Detection-as-Code' and advanced software engineering practices, emphasizing the need for unit testing and performance reviews. Correa introduces the 'Goldilocks Zone' for detections and provides practical examples of building blocks for enhancing security against threats like VPN and Tor traffic.
undefined
Aug 25, 2025 • 29min

EP240 Cyber Resiliency for the Rest of Us: Making it Happen on a Real-World Budget

Errol Weiss, Chief Security Officer at Health-ISAC, dives deep into the world of cyber resilience in the healthcare sector. He stresses the importance of moving from a focus on 'just cybersecurity' to a broader emphasis on digital resilience. With practical tips, he shares how even under-resourced organizations can enhance their security without breaking the bank. Weiss highlights the need for basic hygiene in cybersecurity and advises on evaluating vendor security to prevent hacks. His insights shine a light on the path to stronger cyber defenses.
undefined
18 snips
Aug 18, 2025 • 25min

EP239 Linux Security: The Detection and Response Disconnect and Where Is My Agentless EDR

Craig H. Rowland, Founder and CEO of Sandfly Security, discusses crucial Linux security insights relevant to diverse environments including cloud and hybrid setups. He addresses significant blind spots for security teams and the misconception that Linux is immune to malware threats. The conversation covers the dangers of SSH key management, operational hurdles in incident response, and the subtle abuse of legitimate Linux utilities in attacks. Rowland also explores the benefits and trade-offs of agentless vs. agent-based monitoring, enhancing security through AI and innovative strategies.
undefined
Aug 11, 2025 • 32min

EP238 Google Lessons for Using AI Agents for Securing Our Enterprise

Dominik Swierad, Senior Product Manager for D&R AI and Sec-Gemini, shares his insights on implementing AI agents within Google's security framework. He discusses strategies for building trust among security professionals and identifies key use cases for AI integration. Swierad emphasizes the importance of high-quality data and structured methodologies for evaluating AI performance. He also highlights the evolving roles of security engineers amidst rising automation and raises concerns about how threat actors might exploit similar technologies.
undefined
Aug 4, 2025 • 29min

EP237 Making Security Personal at the Speed and Scale of TikTok

Kim Albarella, TikTok's Global Head of Security, shares her expertise in user safety and compliance. She offers essential tips for online security, emphasizing two-step verification and password management. The conversation dives into navigating global compliance challenges, highlighting the balance between local regulations and a unified security approach. Kim also discusses innovative training methods, using TikTok videos to foster a strong internal security culture, making cybersecurity relatable and engaging in today’s digital landscape.
undefined
8 snips
Jul 28, 2025 • 27min

EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI

Manija Poulatova, Director of Security Engineering and Operations at Lloyd's Banking Group, shares her insights on transforming Security Operations Centers. She reveals her accelerated SIEM migration journey and the challenges faced in balancing people, processes, and technology. The discussion touches on innovative composite alerting techniques and the 'funnel model' for detection. Manija also emphasizes the need for agile methodologies and offers advice for security leaders on successfully integrating AI into their teams. Her experience is a treasure trove for anyone in the cybersecurity field!
undefined
Jul 21, 2025 • 34min

EP235 The Autonomous Frontier: Governing AI Agents from Code to Courtroom

Anna Gressel, a Partner at Paul, Weiss and an expert in AI law, dives into the intricate legal landscape of agentic AI. She discusses the unique risks associated with autonomous decision-making in industries like healthcare and defense. The conversation addresses the need for evolving regulatory frameworks to grapple with liability and responsibility in AI systems. Gressel also highlights the importance of transparency and explainability in AI's decision-making processes, emphasizing how these legal considerations can guide safer AI deployment.
undefined
25 snips
Jul 14, 2025 • 38min

EP234 The SIEM Paradox: Logs, Lies, and Failing to Detect

Svetla Yankova, Founder and CEO of Citreno, dives into the paradox of SIEM systems in modern security. Despite hefty investments in logging tools, many organizations fail to detect threats effectively. She discusses challenges like data enrichment and the importance of context for SOC analysts. Svetla also addresses common SIEM pitfalls and the expectations surrounding technology migrations. Additionally, she ponders the role of AI in security, questioning whether it's repeating the past mistakes of SOAR vendors or creating new ones.
undefined
7 snips
Jul 7, 2025 • 26min

EP233 Product Security Engineering at Google: Resilience and Security

Cristina Vintila, a Product Security Engineering Manager at Google Cloud, dives into the evolution of security practices at Google, focusing on recent threats like Log4j. She discusses the integration of Site Reliability Engineering principles in detection and response, emphasizing the balance between reliability and security. Vintila highlights the importance of understanding critical data for effective vulnerability management and the need for collaboration between security teams and product engineers to enhance overall product security.
undefined
8 snips
Jun 30, 2025 • 32min

EP232 The Human Element of Privacy: Protecting High-Risk Targets and Designing Systems

Sarah Aoun, a Privacy Engineer at Google and former consultant on digital security for a world leader, dives into her unique journey from human rights to tech. She discusses the intricacies of designing privacy into Google's Fuschia operating system, particularly for ambient computing. Aoun highlights the importance of understanding who might be a high-risk target in today’s geopolitical landscape and offers insights on enhancing personal security beyond traditional methods. She emphasizes the collective responsibility of individuals and tech companies in prioritizing user privacy.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app