In this episode of the Virtual Coffee with Ashish edition, we spoke with Toni de la Fuente (@toniblyx) is the Senior Security Consultant at AWS (@AWSCloud) and author of Prowler - AWS Security Tool. Host: Ashish Rajan - Twitter @hashishrajan Guest: Toni de la Fuente @toniblyx  In this episode, Toni & Ashish spoke about What is Cloud Security Assessment? The story behind the creation of Prowler and what Prowler does? How is Prowler different to CIS benchmark? How to set up an effective incident response plan? How to respond to forensic collection evidence? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nicholas McLaren (Linkedin - nmclarencys) is the Cloud Security Engineer, ByteChek(@Bytechek). Host: Ashish Rajan - Twitter @hashishrajan Guest: Nicholas McLaren (Linkedin - nmclarencys In this episode, Nick & Ashish spoke about What qualifications do you need to become a cloud security engineer? Degrees, certifications etc How to network effective to secure your 1st cloud security role? Network in the world of Covid-19. A day in the life of a Cloud Security Engineer Soft skills required by Cloud Security Engineers How to get recruiters and hiring managers to notice you? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Michael Fraser (@itascode) is the Chief Architect, Co-Founder at refactr (@RefactrIT). Host: Ashish Rajan - Twitter @hashishrajan Guest: Michael Fraser - @itascode  In this episode, Michael & Ashish spoke about What is DevSecOps? What is Kubernetes? Why would you use Kubernetes? What should a Kubernetes Deployment look like when done right from a security perspective? The building blocks of making Kubernetes part of your CICD pipeline. Benchmarks to use to measure maturity of organisations And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ben Tomhave (Linkedin - @btomhave) is the Principal, Falcon’s View Consulting (@FalconsView). Host: Ashish Rajan - Twitter @hashishrajan Guest: Ben Tomhave (Linkedin - @btomhave)  In this episode, Ben & Ashish spoke about What are Containers? What is Container Security/ Kubernetes Security for people from traditional security background? What should a Container Deployment look like? 7 Security Challenges for introducing Containers into an organization, where to get started? Building Blocks for building Container Security at Scale - the right way. Software Composition Analysis for Containers Security challenges with Containers & Serverless What was NOC and SOC and does Cloud knowledge really matter for that role? How to create awareness about container security in traditional computer security team? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Guest: Zane Lackey - Linkedin In this episode, Zane & Ashish spoke about What was your path to your current CyberSecurity Role? DevOps movement between East Coast and West Coast in 2010  - Etsy (Biggie) & Netflix (2Pac) Was the change to 30 production deployments a day, good thing for security? What was action plan as a CISO to tackle 30 deployments a day? Has the viewpoint on Security and thing that kept CISO awake at night changed due to Pandemic? Post Pandemic CISOs have 100s of single pane of glass Scale is the problem that is facing every security team. And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kurt John, Chief CyberSecurity Officer CISO at Siemens USA Host: Ashish Rajan - Twitter @hashishrajan Guest: Kurt John - Linkedin In this episode, Kurt & Ashish spoke about Cloud Security in a Large Organisation and the challenges that come with it. Cloud and Cloud Security in the Operation Technology World How Product Security and Enterprise Security is approached? The impact of Covid-19 on cloud transformation. Impact of Edge Technology and 5G. How beginners can expose themselves to OT security? What happens in the world of OT and SCADA to help businesses with cyber readiness? Should security be turn on by default? Charter of Trust Whats next for SCADA (Supervisory Control and Data Acquisition)? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with David Lavezzo, Director of Security Chaos Engineering at Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: David Lavezzo - Linkedin In this episode, David & Ashish spoke about What is security chaos experiments and how does it compare to chaos engineering? The Golden Age of Offence? Tools for Chaos Experiments How to get started in Security Chaos Experiments? Is Security Chaos Experiments only for large companies? Security Chaos Experiments in Production How to get organisation buy in for Security Chaos Experiments? What is gap hunting? Security Chaos Engineering at Scale and what metrics can be used to measure its maturity? The upcoming trends of Security Chaos Engineering And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brianna Malcolmson, Security Engineering Manager, Atlassian  Host: Ashish Rajan - Twitter @hashishrajan Guest: Brianna Malcolmson - Linkedin @briannajoy In this episode, Brianna & Ashish spoke about What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? How to get started in Cloud Pentesting? The need for Cloud Certification and recommendations for Beginners? Is there something people are not talking enough about in a Cloud Security context? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Matt Johnson, Developer Advocate Lead, Bridgecrew. Host: Ashish Rajan - Twitter @hashishrajan Guest: Matt Johnson - Twitter @metahertz In this episode, Matt & Ashish spoke about What was Matt’s path into Developer Advocate role? What does Cloud Security mean to Matt? What is Infrastructure as Code and Infrastructure Code Security ? Are developers or security teams doing more infrastructure as a code security? What is develop first cloud security? Thoughts on static code and run time analysis? It is a requirements to know Yaml, Python or Json for Cloud Networking? What kind of specific training is recommended for developers who are new to IAC? What open source codes are good resources? Where can people start with infrastructure as security Can people without a security background still take advantage of the open source security tools? How to get started in the open source space? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Pawel Rzepa, Snr Security Consultant, SecuRing. Host: Ashish Rajan - Twitter @hashishrajan Guest: Pawel Rzepa - Twitter @rzepsky In this episode, Pawel & Ashish spoke about What was Pawel’s path into Cybersecurity? What does Cloud Security mean to Pawel? What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? What is threat hunting in cloud security assessments? What permissions are required for pentesting in AWS? How does on-premise pentesting translate into cloud? Different tools that can assist with cloud security pentesting. How does hybrid cloud affect the scope of pentester assessments? How to stay on top of your cloud security assessment? The future of cloud security assessment. How github and AWS collaborate to prevent AWS access keys misuse? What are some of the new kind of attacks in cloud? How to get started in cloud pentesting? The need for cloud certification and recommendations for beginners Is there something people are not talking enough about in a cloud security context? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai