Cloud Security Podcast

In this episode of the Virtual Coffee with Ashish edition, we spoke with Gal Helemski (@Linkedin-Gal Helemski) CoFounder, CTO & CPO at PlainID (@plainID_authZ). Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Gal Helemski (@Linkedin-Gal Helemski) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News  - Cloud Security Academy

Cloud Security News this week 26 Jan 2022 Early December on Cloud Security News, we shared that Symphony Technology Group had acquired McAfee for 4 Billion along with FireEye for 1.2 Billion. The merger of these two companies has now form Trellix, which aims to be a leader in extended detection and response (XDR). In their blog post Trellix shared that  “Customers can expect Trellix’s living security platform to deliver bold innovation across the XDR market.”  - “with automation, machine learning, extensible architecture, and threat intelligence.”  You can find out more about Trellix and read their blog post here and let us know if you are excited about this merger? Orca Security is back in the news this week, not for their funding round or their vulnerability findings in AWS. They have made their 1st acquisition: RapidSec, an Israeli cybersecurity startup that protects web applications from client-side attacks. RapidSec’s software allows for detection of  web-application misconfigurations and deviations from best practices. Orca has indicated that it  plans to integrate these web services and API security technologies into its agentless cloud security platform. You can read more about this acquisition here. Cloud Security Firm Polar Security that has emerged from Stealth With $8.5 Million Seed Funding. They are a Tel Aviv, Israel-based cloud security company that aims to provide visibility into companies’ cloud data storage to allow security teams to secure the data and avoid compliance problems. You can find out more about them here Hunters.ai announced that  it has raised a $68 million Series C round bringing their total funding to date to $118 million. Hunters share in their blog that  “Never before has it been more lucrative to be a cyber criminal” and “On the defenders’ side, we see organizations struggling to keep pace. As technology advances and more tools are being used, the attack surface grows and the number of security products used by these organizations increases.” This is where Hunter.ai believes they can help with their Extended Detection and Response (XDR) platform used by Security Operations Center (SOC) teams to detect, investigate and stop threats. You can find out more about them here Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News  If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

Ian Mckay, an AWS Community Hero and APN Ambassador, dives into AWS Identity and Access Management (IAM) strategies. He highlights the journey from on-premises to cloud security and the importance of community engagement. The conversation covers the complexities of IAM versus traditional systems, the value of the least privilege principle, and the evolution of IAM tools like Access Analyzer. Mckay emphasizes balancing Continuous Integration/Continuous Deployment with security best practices, advocating for automation and effective privilege management.

Cloud Security News this week 19 Jan 2022 Cisco Talos Researchers have shared in a blog last week that  a trio of remote access Trojans (RATs)—Nanocore, Netwire and AsyncRAT—are being spread in a campaign that taps public cloud infrastructure and is primarily aimed at victims in the U.S., Italy and Singapore. According to the blog “Threat actors are increasingly using cloud technologies to achieve their objectives without having to resort to hosting their own infrastructure,” and “cloud services like Azure and AWS allow attackers to set up their infrastructure and connect to the internet with minimal time or monetary commitments. It also makes it more difficult for defenders to track down the attackers’ operations.”  Read more about this here. Netskope also released a blog last week about Malwares. Interestingly their research which surveyed millions of users worldwide from January 1, 2020 to November 30, 2021 found that Cloud-delivered malware is now more prevalent than web-delivered malware, accounting for 66%, up from 46% last year. They also found that Google Drive is the top app for most malware downloads and Cloud-delivered malware via Microsoft Office nearly doubled from 2020 to 2021. Read the report here Vulnerability in AWS’s cloudformation service that was discovered and shared by Orca Security. Orca Security confirmed that  AWS completely mitigated within 6 days of their submission.If you want to know more about their discovery, you can read it here The US government is reportedly reviewing the cloud computing arm of Chinese ecommerce giant Alibaba to determine whether or not it poses a risk to national security.” As reported by Reuters, the Biden administration launched the probe to find out more about how Alibaba Cloud stores the data of US clients including personal information and intellectual property and to see if the Chinese government could gain access to it. You can read Reuters report here Sysdig’s platform who were recently valued at 2.5 Billion have expanded their cloud security offering to Azure Cloud aswell. . You can find out more about them here  Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News  If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dylan Ayrey (@insecurenature) is a Professional Hacker and Co-Founder of Truffle Security (@trufflesec) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Dylan Ayrey (@insecurenature) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News  - Cloud Security Academy

In this episode of the Virtual Coffee with Ashish edition, we spoke with Stu Hirst (Linkedin-Stu Hirst) is the Chief Information Security Officer (CISO) of Trustpilot (@Trustpilot). Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Stu Hirst (Linkedin-Stu Hirst) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News  - Cloud Security Academy

Cloud Security News this week 12 Jan 2022 UK’s financial regulators - The Prudential Regulation Authority is looking to increase it’s monitoring of Cloud providers like AWS, Azure and Google Cloud. According to Financial times, they are looking to gain more access to data from these cloud providers because the impact outages and cyberattacks have on British Banks. They are looking at implementing more robust outages and disaster recovery tests given the increasing reliance UK banks have on a handful of cloud providers. A lot of major British banks have partnerships with cloud providers “AWS has announced deals with Barclays and HSBC, while Lloyd Banking Group holds partnerships with Google Cloud and Microsoft Azure.”. There is an increasing concerns about the impacts on the banks should these cloud providers experience outages. You can view the financial times article here Speaking of regulators and how they are dealing with cloud providers, a few weeks ago in December Chinese regulators have “suspended an information-sharing partnership with Alibaba Cloud Computing” over concerns that it failed to promptly report and address a cybersecurity vulnerability. According to 21st Century Business Herald, citing a recent notice by the Ministry of Industry and Information Technology “Alibaba Cloud did not immediately report vulnerabilities in the popular, open-source logging framework Apache Log4j2 to China's telecommunications regulator”.This comes after, according to Reuters “The Chinese government has asked state-owned companies to migrate their data from private operators such as Alibaba and Tencent to a state-backed cloud system by next year.” From what we understand, there is no statement from Alibaba Cloud on this yet. You can read more about this here. Gartner's Report can be found here. Redhat's Report can be found here. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News  If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

In this episode of the Virtual Coffee with Ashish edition, we spoke with Fred Wilmot (@fewdisc) is an ex-Veteran and Chief Information Security Officer (CISO) of JumpCloud (@JumpCloud). Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Fred Wilmot (@fewdisc) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News  - Cloud Security Academy

Cloud Security News this week 5 Jan 2022  Google has acquired security orchestration, automation and response (SOAR) provider, Siemplify. Neither company has disclosed any amounts however sources including Reuters report Google paid $500 million for Siemplify. Google has shared that Siemplify “will join Google Cloud’s security team to help companies better manage their threat response”. They shared in their announcement that “Providing a proven SOAR capability unified with Chronicle’s innovative approach to security analytics is an important step forward in their vision”. You can find more about this here Microsoft in their updated Blog this week on this issue have noted “Exploitation attempts and testing have remained high during the last weeks of December”.  They also stated that they had “observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks”. Microsoft mentions that “customers should assume broad availability of exploit code and scanning capabilities to be a real and present danger to their environments. And “this is expected to have a long tail for remediation, requiring ongoing, sustainable vigilance” . Microsoft have reported that the bulk of attacks have been related to mass scanning by attackers attempting to thumbprint vulnerable systems, as well as scanning by security companies and researchers. You can read their updated blog here. Back in 2019 you probably heard about Autom Attack which targeted misconfigured docker APIs to gain network entry to  set up a backdoor on the compromised host to do cryptomining.  This cryptomining campaign has evolved in the last 3 years to improve on their defense evasion tactics to fly under the radar and avoid detection. You can see the blog and their findings here. SEGA Europe have disclosed that they were storing sensitive data in an unsecured Amazon Web Services (AWS) S3 bucket. This was discovered during a cloud-security audit. Security Researcher Aaron Phillips with VPN Overview worked with SEGA Europe to secure the exposed data. You can view the full report here Positive Security researchers have stumbled upon four vulnerabilities in Microsoft Teams. You can read more about the findings here and threatpost report here Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News  If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

In this episode of the Virtual Coffee with Ashish edition, we spoke with Or Weis (@OrWeis) co-founder and CEO of Permit.io (@permit_io). Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Or Weis (@OrWeis) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News  - Cloud Security Academy