Cloud Security Podcast by Google

Anton Chuvakin

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.

We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.

We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.

Episodes

Mentioned books

Jul 21, 2025 • 34min

EP235 The Autonomous Frontier: Governing AI Agents from Code to Courtroom

Anna Gressel, a Partner at Paul, Weiss and an expert in AI law, dives into the intricate legal landscape of agentic AI. She discusses the unique risks associated with autonomous decision-making in industries like healthcare and defense. The conversation addresses the need for evolving regulatory frameworks to grapple with liability and responsibility in AI systems. Gressel also highlights the importance of transparency and explainability in AI's decision-making processes, emphasizing how these legal considerations can guide safer AI deployment.

Jul 14, 2025 • 38min

EP234 The SIEM Paradox: Logs, Lies, and Failing to Detect

Svetla Yankova, Founder and CEO of Citreno, dives into the paradox of SIEM systems in modern security. Despite hefty investments in logging tools, many organizations fail to detect threats effectively. She discusses challenges like data enrichment and the importance of context for SOC analysts. Svetla also addresses common SIEM pitfalls and the expectations surrounding technology migrations. Additionally, she ponders the role of AI in security, questioning whether it's repeating the past mistakes of SOAR vendors or creating new ones.

Jul 7, 2025 • 26min

EP233 Product Security Engineering at Google: Resilience and Security

Cristina Vintila, a Product Security Engineering Manager at Google Cloud, dives into the evolution of security practices at Google, focusing on recent threats like Log4j. She discusses the integration of Site Reliability Engineering principles in detection and response, emphasizing the balance between reliability and security. Vintila highlights the importance of understanding critical data for effective vulnerability management and the need for collaboration between security teams and product engineers to enhance overall product security.

Jun 30, 2025 • 32min

EP232 The Human Element of Privacy: Protecting High-Risk Targets and Designing Systems

Sarah Aoun, a Privacy Engineer at Google and former consultant on digital security for a world leader, dives into her unique journey from human rights to tech. She discusses the intricacies of designing privacy into Google's Fuschia operating system, particularly for ambient computing. Aoun highlights the importance of understanding who might be a high-risk target in today’s geopolitical landscape and offers insights on enhancing personal security beyond traditional methods. She emphasizes the collective responsibility of individuals and tech companies in prioritizing user privacy.

Jun 23, 2025 • 31min

EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise

David French, a Staff Adoption Engineer at Google Cloud, dives into the intriguing world of 'detection as code.' He clarifies its real meaning and its advantages for security teams, discussing how a software engineering approach can enhance detection processes. Topics include the significance of robust testing methods, the challenges of working with limited API support, and the importance of standardizing detection rules. French also advocates for collaborative sharing of detection content, blurring the lines between traditional alert handling and an engineering-like mindset.

Jun 16, 2025 • 26min

EP230 AI Red Teaming: Surprises, Strategies, and Lessons from Google

Daniel Fabian, Principal Digital Arsonist at Google, shares his insights from two years of AI red teaming. He reveals surprising findings about the unique security challenges AI systems pose compared to traditional software. Fabian discusses counterstrategies against prompt injection attacks and highlights the importance of threat modeling. He offers practical advice for organizations new to AI red teaming, emphasizing an adversarial mindset to identify vulnerabilities and the need for collaboration between security teams and developers. Embrace AI in red teaming for better defense!

Jun 9, 2025 • 35min

EP229 Beyond the Hype: Debunking Cloud Breach Myths (and What DBIR Says Now)

Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, discusses the nuances of cloud breaches, questioning if they are merely due to leaked credentials. He reveals that customers are often responsible for the majority of security issues and highlights the common problem of misconfigurations. Pinto also talks about the evolving ransomware landscape and its future, pondering if it will remain a threat for the next two decades. Moreover, he touches on the role of AI in shaping the breach report, emphasizing the need for human oversight.

Jun 2, 2025 • 27min

EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines

Alan Braithwaite, Co-founder and CTO of RunReveal and a passionate data engineer, dives into the challenges of modern Security Information and Event Management (SIEM). He discusses the complexities of storage and integration in SIEM systems while comparing decoupled architectures with integrated solutions. With data volumes surging, Braithwaite envisions using ClickHouse for efficient log management. He also introduces 'Pipeline QL' for detection in SQL, sparking debates about its implications for security engineering and interoperability in the ever-evolving landscape of security data.

May 26, 2025 • 24min

EP227 AI-Native MDR: Betting on the Future of Security Operations?

Eric Foster, CEO of Tenex.AI, is revolutionizing the security services industry through AI innovations. He delves into why starting an AI-native Managed Detection and Response (MDR) service from scratch is a game changer. The discussion highlights the balance between human analysts and AI agents, exploring how their roles will shift in the next five years. Concerns about AI's accuracy in cybersecurity are addressed, alongside essential metrics organizations should prioritize when evaluating MDR efficacy. This insightful chat paves the way for the future of security operations.

May 19, 2025 • 25min

EP226 AI Supply Chain Security: Old Lessons, New Poisons, and Agentic Dreams

Christine Sizemore, a Cloud Security Architect at Google Cloud, dives into the complexities of AI supply chain security. She highlights the stark differences between AI and traditional software supply chains, using engaging examples like the Suez Canal incident. The discussion uncovers unexpected threats, such as data poisoning, and emphasizes the need for continuous security integration. Sizemore explores organizational pitfalls to avoid and humorously questions whether AI can secure itself—she even shares practical strategies for safeguarding AI systems.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner