Cloud Security Podcast

Antoinette Stevens, Principal Security Engineer at Ramp, brings her expertise in detection engineering to a lively discussion about the role of AI in security operations. She emphasizes the importance of human judgment over AI's limitations, such as hallucinations. Antoinette advocates for an engineering-led approach and warns about the shrinking entry-level job market, pushing for software skills in security roles. The conversation covers the necessity of building robust detection programs while treating AI as a supportive tool, not a replacement. Plus, she shares her personal interests, from wine certification to comedy!

Join Sapna Paul, a Senior Manager at Dayforce with a robust background in cybersecurity and DevSecOps, as she unpacks the complexities of AI vulnerability management. Discover why traditional patching doesn’t apply to neural networks and delve into the three critical layers of AI vulnerabilities. Sapna highlights the importance of aligning AI risks with business goals and shares practical ways to use AI to combat alert fatigue. She also emphasizes mentoring and the essential skills needed for security professionals in an evolving AI landscape.

Matt Castriotta, Field CTO at Rubrik, shares insights on the vital need for cyber resilience over traditional backup strategies. He emphasizes that merely having backups is insufficient; organizations must recover clean, trusted data after attacks. Matt warns against the myths of cloud-native recovery like S3 versioning and elaborates on why identity must be the new perimeter in security. The conversation also covers AI's role in data integrity, offering practical advice on incident response and recovery planning.

Yash Kosaraju, CISO of Sendbird, shares insights from transforming the company from a chat API platform to an AI agent powerhouse. He introduces the concept of 'Multi-Layer Trust' as a more pragmatic approach than the traditional 'Zero Trust.' The discussion spans critical topics like securing AI interactions, the blurred lines of incident response when AI agents operate across boundaries, and the benefits of embedding security directly into development teams. Yash also emphasizes the importance of empowering employees with enterprise AI tools while maintaining a robust security culture.

Santiago Castiñeira, CTO of Maze and expert in AI-first vulnerability management, dives into the build vs. buy debate for cybersecurity tools. He highlights the complexities of scaling AI systems beyond basic prototypes, emphasizing the need for specialized skills. Santiago discusses the limitations of current frameworks and the importance of creating robust evaluation pipelines. He warns against reliance on Retrieval-Augmented Generation for accurate technical data and envisions future semi-autonomous security agents that could revolutionize vulnerability management.

Cliff Crosland, co-founder and CEO of Scanner.dev, shares his insights from his journey in transforming security data management. He discusses the high costs and challenges of traditional SIEMs, revealing how his initial attempts at building an in-house data lake hit major roadblocks. Cliff highlights issues like slow queries and the engineering lift required for usability. He also explores the potential of AI in enhancing detection engineering and offers advice on when to build or buy a data lake solution.

Grant Oviatt, Head of Security Operations at Prophet Security and former leader at Mandiant and Red Canary, dives into trust-building in AI-driven SOCs for regulated environments. He discusses the crucial pillars of explainability and traceability, essential for gaining auditor confidence. Transitioning from AI skepticism to advocacy, Grant highlights the impressive speed and accuracy of AI SOCs compared to traditional methods. He shares insights on architecture, the importance of data controls, and real-world success in investigations, demonstrating why AI is a game-changer in security operations.

Mohan Kumar, a production security practitioner at Box with over 14 years in cybersecurity, dives into the uncharted waters of AI agent threats. He highlights how autonomous AI agents can develop secure communication methods, posing new risks like memory poisoning through indirect prompts. Mohan warns of tool misuse, where agents may inadvertently connect to rogue systems, and stresses the importance of enforcing least-privilege. He also discusses the need for robust monitoring and audits to manage these evolving threats in the AI landscape.

In this discussion, Tejas Dakve, a Senior Manager of Application Security at Bloomberg Industry Group, and Aditya Patel, a seasoned Security Architect, dive into how AI is reshaping the security landscape. They tackle the collapse of silos between AppSec and CloudSec, emphasizing the inadequacy of traditional security models against AI-generated threats. Topics include the necessity for continuous threat modeling, the emergence of 'T-shaped engineers,' and the pivotal role of automation in enhancing security practices. Join them as they explore the future of security in an AI-driven world!

In this discussion, Edward Wu, the Founder and CEO of Dropzone AI, explores the transformative potential of AI in security operations centers. He reveals findings from a benchmark report showing AI can accelerate investigations by 45-60% and enhance efficiency. Edward contrasts traditional SOAR playbooks with the adaptability of agentic AI, emphasizing its role in automating Tier 1 tasks and allowing analysts to focus on strategic roles. He warns that AI won't fully replace humans but will revolutionize SOC workflows, particularly benefiting in-house teams and MSSPs.