Cloud Security Podcast
Cloud Security Podcast Team
Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud.
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
Episodes
Mentioned books
11 snips
Sep 9, 2025 • 49min
Using AI to Fix Your Cloud Security Backlog beyond Visibility
Snir Ben Shimol, CEO of Zest Security, challenges the traditional views on vulnerability awareness, arguing that knowledge alone doesn't enhance security. He suggests that AI can tackle cloud security backlogs effectively by identifying critical changes that can significantly reduce vulnerabilities in one go. Their conversation also touches on the evolution of cloud security from mere visibility to proactive measures. Plus, the duo lightens the mood with a fun discussion about their favorite healthy cuisines, especially Thai food!
20 snips
Aug 27, 2025 • 47min
Your SecOps Team Can't Save Your Cloud: A New Blueprint for Security.
Gil Geron, CEO of Orca Security and an expert in cybersecurity, discusses the evolution of cloud security and the limitations of traditional SecOps models. He emphasizes the need for a proactive approach, integrating security as an end-to-end workflow. The role of AI is pivotal in reducing alert fatigue, as Geron shares a case study on prioritizing vulnerabilities effectively. He also highlights the importance of collaboration between security and engineering teams to strengthen overall security in cloud environments.
Aug 22, 2025 • 50min
New Identity Blueprint for a Future with Cloud & AI
Join Jasson Casey, CEO and co-founder of Beyond Identity, as he dives into the future of identity management. He reveals that traditional authentication methods, including MFA, are outdated and vulnerable to attack. Jasson advocates for device-bound identities using hardware-backed secure enclaves, making credentials un-phishable. He also addresses the rising threats posed by AI, like deepfakes and social engineering, highlighting the need for a robust shift in security practices. Plus, he shares his passion for cooking, connecting culinary arts with cybersecurity!
18 snips
Aug 8, 2025 • 53min
AI for SOC Automation: A Blueprint for the New world of Incident Response
In this engaging discussion, Kyle Polley, who leads the AI security team at Perplexity, shares his insights on transforming Security Operations Centers (SOCs) for modern cybersecurity challenges. He emphasizes the need to shift from outdated SIEM systems to advanced data lake architectures that leverage AI agents for efficient incident response. Kyle also addresses misconceptions about compliance in AI security and highlights the importance of detecting true threats while minimizing analyst burnout. Light-hearted moments reveal his passion for Tex-Mex cuisine and personal hobbies.
10 snips
Aug 7, 2025 • 53min
The Truth About Agentic AI in the SOC: Reality vs. Hype
Edward Wu, the innovative founder and CEO of Dropzone AI, shares insights on the practical integration of AI in Security Operations Centers (SOCs). He discusses how AI acts as a supportive tool for analysts rather than a replacement, debunking myths of full automation. The conversation covers AI's role in swiftly investigating alerts, the importance of transparency, and the challenges of AI hallucinations. Wu also predicts an evolution in SOC roles as AI takes on repetitive tasks, encouraging a balanced approach to technology in cybersecurity.
Jul 22, 2025 • 45min
Understanding a $10B Fraud Vector in Cloud-Native Workflows
Frank Teruel, COO at Arkose Labs, specializes in digital identity and fraud prevention. He discusses the alarming rise of SMS toll fraud, a $10 billion issue where bots exploit cloud workflows, causing unexpected operational costs. Teruel shares a striking story of a cloud container hijack that resulted in half a million dollars lost to crypto mining. The conversation emphasizes the need for enhanced security measures within digital environments and the critical role organizations play in combating this sophisticated fraud.
Jul 17, 2025 • 20min
How BT Tackled 180 Years of Legacy to Build a Passwordless Future
Christian Schwarz, Security Director for Network Services at BT Group, shares insights from his role in modernizing security at a 180-year-old telecom giant. He discusses the challenges of managing legacy systems and discovering hundreds of thousands of hidden credentials. Transitioning to a passwordless future, he emphasizes reducing friction while enhancing security design. Intrigued by fostering a proactive security culture, he also dives into his personal passions like cycling and culinary delights, blending insights on innovation and work-life balance.
Jul 15, 2025 • 46min
Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI
Amit Chita, Field CTO at Mend.io and former founder of Atom Security, dives into the dynamic intersection of AI and application security. He explores how AI agents are reshaping the Software Development Lifecycle, triggering the need for a stricter Zero Trust approach. The conversation highlights new vulnerabilities posed by generative AI and the necessity of adapting security practices accordingly. Amit also discusses licensing complexities and the challenges of balancing rapid development with robust security measures in an evolving tech landscape.
Jul 9, 2025 • 32min
Guide to Hybrid Cloud & Bare Metal Secret Management
Dan Popescu, a Senior Site Reliability Engineer at Booking.com, shares insights on managing secrets across hybrid cloud and bare metal environments. He explores the complexities of integrating authentication and dynamic secrets using HashiCorp Vault. The discussion emphasizes the importance of a central broker for security scalability and effective lifecycle management. Listeners will also enjoy a light-hearted dive into culinary passions and the nuances of multi-course dining, showcasing the balance between technical prowess and personal interests.
Jul 1, 2025 • 40min
"Escape-Proof" Cloud: How Block built an Automated Approach to Egress Control
Ramesh Ramani, a Staff Security Engineer at Block, specializes in cloud security with a solid background in network engineering. In this discussion, he highlights how organizations can improve data security by focusing on egress control. Ramesh introduces an innovative automated system that centralizes governance for outbound access, streamlining security and compliance with SPIFFE IDs. He also emphasizes the importance of a phased approach in enhancing egress control and improving incident response, ensuring organizations can swiftly manage third-party access and data protection.
