Cloud Security Podcast

Grant Oviatt, Head of Security Operations at Prophet Security and former leader at Mandiant and Red Canary, dives into trust-building in AI-driven SOCs for regulated environments. He discusses the crucial pillars of explainability and traceability, essential for gaining auditor confidence. Transitioning from AI skepticism to advocacy, Grant highlights the impressive speed and accuracy of AI SOCs compared to traditional methods. He shares insights on architecture, the importance of data controls, and real-world success in investigations, demonstrating why AI is a game-changer in security operations.

Mohan Kumar, a production security practitioner at Box with over 14 years in cybersecurity, dives into the uncharted waters of AI agent threats. He highlights how autonomous AI agents can develop secure communication methods, posing new risks like memory poisoning through indirect prompts. Mohan warns of tool misuse, where agents may inadvertently connect to rogue systems, and stresses the importance of enforcing least-privilege. He also discusses the need for robust monitoring and audits to manage these evolving threats in the AI landscape.

In this discussion, Tejas Dakve, a Senior Manager of Application Security at Bloomberg Industry Group, and Aditya Patel, a seasoned Security Architect, dive into how AI is reshaping the security landscape. They tackle the collapse of silos between AppSec and CloudSec, emphasizing the inadequacy of traditional security models against AI-generated threats. Topics include the necessity for continuous threat modeling, the emergence of 'T-shaped engineers,' and the pivotal role of automation in enhancing security practices. Join them as they explore the future of security in an AI-driven world!

In this discussion, Edward Wu, the Founder and CEO of Dropzone AI, explores the transformative potential of AI in security operations centers. He reveals findings from a benchmark report showing AI can accelerate investigations by 45-60% and enhance efficiency. Edward contrasts traditional SOAR playbooks with the adaptability of agentic AI, emphasizing its role in automating Tier 1 tasks and allowing analysts to focus on strategic roles. He warns that AI won't fully replace humans but will revolutionize SOC workflows, particularly benefiting in-house teams and MSSPs.

Ariful Huq, Co-founder and Head of Product at ExaForce, dives into the complexities of building an AI-native SOC. He discusses why bolt-on AI approaches fall short and the necessity of integrating data beyond logs, including configuration and business context. Ariful emphasizes the evolution beyond traditional SIEM capabilities and the importance of real-time processing. He also highlights the need for full-stack security engineers and outlines the challenges posed by SaaS platforms that lack native threat detection.

Damien Burks, a Senior Security Engineer with a wealth of experience in fintech environments, dives into the complexities of incident response for Kubernetes. He explains the challenges of automation in containment for private EKS clusters, revealing why traditional tools often fall short. Damien shares his innovative solution using a dynamically deployed Lambda function that can contain breaches within ten minutes. The conversation also highlights the evolving role of the cloud security engineer and essential career advice for aspiring professionals.

Allie Mellen, a Principal Analyst at Forrester specializing in security analytics and generative AI, digs into the evolving landscape of Security Operations. She explains the ongoing "massive reset" in SOCs driven by generative AI and better data management. Allie advocates for the shift from traditional SOC models to Detection Engineering. She discusses practical AI applications, the importance of explainability, and how companies are leveraging AI for triage. Tune in for insights into the future of AI and its role in enhancing security operations.

In this insightful discussion, Kyler Middleton, a Principal Developer specializing in AI solutions, and Sai Gunaranjan, a Lead Cloud Architect for Azure, dive into the security pitfalls of AWS Bedrock and Azure AI. They highlight Azure's alarming data routing defaults that pose compliance risks and AWS’s struggle with logging and resource security. Both experts emphasize the crucial skills needed for transitioning from cloud to AI security and recommend starting with secure defaults and small-scale projects like chatbots to ensure safety in AI deployments.

In this conversation, Rajan Kapoor, Field CISO at Material Security and former Director of Security at Dropbox, dives into the outdated pre-breach mindset of email security. He emphasizes the critical need for post-breach protection to safeguard sensitive data inside mailboxes. Rajan discusses the interconnectedness of productivity suites like Google Workspace and Microsoft 365, which have transformed the inbox into a security risk. He also addresses the emerging threats posed by AI co-pilots that could expose over-shared information, urging for a shift to comprehensive workspace security.

Snir Ben Shimol, CEO of Zest Security, challenges the traditional views on vulnerability awareness, arguing that knowledge alone doesn't enhance security. He suggests that AI can tackle cloud security backlogs effectively by identifying critical changes that can significantly reduce vulnerabilities in one go. Their conversation also touches on the evolution of cloud security from mere visibility to proactive measures. Plus, the duo lightens the mood with a fun discussion about their favorite healthy cuisines, especially Thai food!