Cloud Security Podcast
Cloud Security Podcast Team
Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We can be honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud.
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security.
We LIVE STREAM interviews on Cloud Security Topics every weekend on Linkedin, YouTube, Facebook and Twitter with over 150 people watching and asking questions and interacting with the Guest.
Episodes
Mentioned books
Mar 6, 2025 • 45min
Securing AI Applications in the Cloud
Bar-el Tayouri, Head of Mend AI at Mend.io, is a leading expert in AI security and application security. In this conversation, he tackles the hidden dangers of shadow AI and the layers of an AI Bill of Materials (AIBOM). Bar-el emphasizes the necessity of red teaming and shares practical strategies for pre- and post-deployment security. He explores the journey of AI adoption and highlights the complexities in balancing innovation with security. Plus, he shares his love for Ethiopian cuisine, connecting personal passions with professional insights.
Feb 28, 2025 • 53min
Realities of Cloud Networking in AWS
Kyler Middleton, a skilled engineer exploring AI, and Jack W. Harter, a DevOps expert with a rich background in high-frequency trading, dive into the complexities of AWS networking. They discuss the formidable challenges of transitioning from on-premises to the cloud, especially in regulated healthcare environments. Listeners will be intrigued by their stories on adapting security measures, the surprising effectiveness of certain anti-patterns, and the hidden compliance hurdles faced during cloud migration, all while navigating the intricate landscape of AWS networks.
Feb 20, 2025 • 54min
Cloud Incident Response in Microsoft Azure
In this engaging discussion, security researcher Katie Knowles, a former Azure incident responder, dives into critical Azure security topics. She unpacks common incident response scenarios and the rising threat of LLM jacking, where attackers misuse authentication tokens. Katie shares insights on privilege escalation in Azure Key Vault and emphasizes the importance of secure role assignments. She also offers practical tips for developing an effective Azure incident response playbook, making Azure's intricate security landscape accessible to all.
18 snips
Feb 13, 2025 • 51min
AWS Multi-Account Security: What Netflix Learned
Join cloud security experts Patrick Sanders and Joseph Kjar from Netflix as they share their insights on securing AWS multi-account environments. They discuss why an identity-first approach is essential for security, tackling challenges like least privilege access and IAM role migrations. The duo emphasizes balancing security with developer efficiency, and they shed light on strategies for isolating cloud identities amidst complexities. Packed with practical tips, their conversation offers valuable lessons from Netflix's cloud security journey.
12 snips
Feb 4, 2025 • 58min
Cloud Security Detection & Response Strategies That Actually Work
Will Bengtson, VP of Security Operations at HashiCorp, dives into the complexities of cloud security. He explains how cloud incident response differs from on-prem solutions and reveals how quickly attackers exploit APIs. Will shares insights on building effective detection programs while highlighting detection blind spots in AWS and Azure. He also discusses the importance of collaboration in threat hunting and the evolving challenges in managing cloud security. Along the way, he reflects on personal growth and culinary favorites, adding a delightful twist to the conversation.
9 snips
Jan 28, 2025 • 32min
CISO Challenges Across Industries
In this discussion, Sunil Rane, a seasoned cybersecurity leader with over 20 years of experience, sheds light on the intricate challenges faced by CISOs across various sectors. He elaborates on balancing data sensitivity in healthcare with operational efficiency, the complexities of compliance in consulting, and the unique hurdles in the media industry regarding public accountability. Sunil also emphasizes the importance of communication and collaboration for effective cybersecurity leadership, all while sharing a personal touch with tales of his culinary passions.
Jan 24, 2025 • 51min
Why Solving the Data Problem is Key to Cloud Security?
Francis Odum, founder and lead research analyst at Software Analyst Cyber Research, shares valuable insights into cloud security and identity management. He discusses the critical role of addressing data problems to mitigate false positives and enhance SOC efficiency. The conversation also delves into the promising yet complex landscape of AI security, emphasizing the importance of proper data governance. Additionally, Odum predicts key trends for 2025, urging the cybersecurity industry to prioritize innovative solutions while navigating evolving challenges.
35 snips
Jan 21, 2025 • 26min
The economics of cybersecurity and trends
Mike Privette, founder of Return on Security, shares his deep insights into the economics of cybersecurity and its evolving landscape. He discusses how AI is reshaping governance, risk, and compliance while emphasizing the need for strategic planning in cybersecurity efforts. The integration of cloud and application security takes center stage, highlighting unified approaches to protect against data loss. Additionally, Mike touches on the rise of startups in the cyber market and the ongoing challenges they face in this dynamic environment.
14 snips
Jan 14, 2025 • 40min
The Truth About CNAPP and Kubernetes Security
James Berthoty, founder of Latio.Tech, shares his expertise on cloud security tools. He clarifies the concept of CNAPP and discusses whether Kubernetes security is becoming the new standard. The chat dives into the distinction between runtime security and vulnerability management, emphasizing the need for clear approaches in cloud-native security. James also addresses the evolving challenges security engineers face in integrating security within development processes, alongside the pressing necessity for user-centric security tool consolidation.
23 snips
Jan 10, 2025 • 1h 10min
Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem
Ross Haleliuk, author of "Cybersecurity for Builders" and creator of the Venture in Security blog, dives into the complex world of cybersecurity. He discusses why the industry is less crowded than it appears and the critical divide between in-house security and vendor reliance. Ross also emphasizes the importance of balancing business needs with security engineering, sharing insights on addressing market problems for startups. The conversation highlights the ongoing need for knowledge sharing and innovation in this ever-evolving tech landscape.
