Cloud Security Podcast

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ben Tomhave (Linkedin - @btomhave) is the Principal, Falcon’s View Consulting (@FalconsView). Host: Ashish Rajan - Twitter @hashishrajan Guest: Ben Tomhave (Linkedin - @btomhave)  In this episode, Ben & Ashish spoke about What are Containers? What is Container Security/ Kubernetes Security for people from traditional security background? What should a Container Deployment look like? 7 Security Challenges for introducing Containers into an organization, where to get started? Building Blocks for building Container Security at Scale - the right way. Software Composition Analysis for Containers Security challenges with Containers & Serverless What was NOC and SOC and does Cloud knowledge really matter for that role? How to create awareness about container security in traditional computer security team? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Guest: Zane Lackey - Linkedin In this episode, Zane & Ashish spoke about What was your path to your current CyberSecurity Role? DevOps movement between East Coast and West Coast in 2010  - Etsy (Biggie) & Netflix (2Pac) Was the change to 30 production deployments a day, good thing for security? What was action plan as a CISO to tackle 30 deployments a day? Has the viewpoint on Security and thing that kept CISO awake at night changed due to Pandemic? Post Pandemic CISOs have 100s of single pane of glass Scale is the problem that is facing every security team. And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kurt John, Chief CyberSecurity Officer CISO at Siemens USA Host: Ashish Rajan - Twitter @hashishrajan Guest: Kurt John - Linkedin In this episode, Kurt & Ashish spoke about Cloud Security in a Large Organisation and the challenges that come with it. Cloud and Cloud Security in the Operation Technology World How Product Security and Enterprise Security is approached? The impact of Covid-19 on cloud transformation. Impact of Edge Technology and 5G. How beginners can expose themselves to OT security? What happens in the world of OT and SCADA to help businesses with cyber readiness? Should security be turn on by default? Charter of Trust Whats next for SCADA (Supervisory Control and Data Acquisition)? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with David Lavezzo, Director of Security Chaos Engineering at Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: David Lavezzo - Linkedin In this episode, David & Ashish spoke about What is security chaos experiments and how does it compare to chaos engineering? The Golden Age of Offence? Tools for Chaos Experiments How to get started in Security Chaos Experiments? Is Security Chaos Experiments only for large companies? Security Chaos Experiments in Production How to get organisation buy in for Security Chaos Experiments? What is gap hunting? Security Chaos Engineering at Scale and what metrics can be used to measure its maturity? The upcoming trends of Security Chaos Engineering And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brianna Malcolmson, Security Engineering Manager, Atlassian  Host: Ashish Rajan - Twitter @hashishrajan Guest: Brianna Malcolmson - Linkedin @briannajoy In this episode, Brianna & Ashish spoke about What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? How to get started in Cloud Pentesting? The need for Cloud Certification and recommendations for Beginners? Is there something people are not talking enough about in a Cloud Security context? And much more… ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Matt Johnson, Developer Advocate Lead, Bridgecrew. Host: Ashish Rajan - Twitter @hashishrajan Guest: Matt Johnson - Twitter @metahertz In this episode, Matt & Ashish spoke about What was Matt’s path into Developer Advocate role? What does Cloud Security mean to Matt? What is Infrastructure as Code and Infrastructure Code Security ? Are developers or security teams doing more infrastructure as a code security? What is develop first cloud security? Thoughts on static code and run time analysis? It is a requirements to know Yaml, Python or Json for Cloud Networking? What kind of specific training is recommended for developers who are new to IAC? What open source codes are good resources? Where can people start with infrastructure as security Can people without a security background still take advantage of the open source security tools? How to get started in the open source space? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Pawel Rzepa, Snr Security Consultant, SecuRing. Host: Ashish Rajan - Twitter @hashishrajan Guest: Pawel Rzepa - Twitter @rzepsky In this episode, Pawel & Ashish spoke about What was Pawel’s path into Cybersecurity? What does Cloud Security mean to Pawel? What is Cloud Security Testing and Assessment ? What is a Cyber Kill Chain in a cloud context? What is threat hunting in cloud security assessments? What permissions are required for pentesting in AWS? How does on-premise pentesting translate into cloud? Different tools that can assist with cloud security pentesting. How does hybrid cloud affect the scope of pentester assessments? How to stay on top of your cloud security assessment? The future of cloud security assessment. How github and AWS collaborate to prevent AWS access keys misuse? What are some of the new kind of attacks in cloud? How to get started in cloud pentesting? The need for cloud certification and recommendations for beginners Is there something people are not talking enough about in a cloud security context? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of the Virtual Coffee with Ashish edition, we spoke with Sriya Potham, Principal Cloud Security Architect Host: Ashish Rajan - Twitter @hashishrajan Guest: Sriya Potham - Linkedin @sriya In this episode, Sriya & Ashish spoke about What was your path into Cybersecurity? Whats your definition of Cloud Security? What is the shared responsibility model? Whats a day in the life of a Cloud Security Architect ? Are cloud architecture reviews different in different industries? As a Cloud Security Architect do you need to focus on the GRC side? Are CCM controls used quite often? What soft and technical skills for you require to be successful as a Cloud Security Architect? Is Cloud Security Architect a technical role? Are certificates important to secure a Cloud Security Architecture role? Does one need to consider doing CCSP? Is architecture different when working with multi-cloud? Is it necessary to know both AWS and Azure? What comes after certification ? Do you need to be technical and have an operational understanding of the controls to give guidance? Are some cloud service provider services not mature enough to be be used in organisations? How do you transition from on premise security architect to cloud security architect? How you get started if you have had no experience in Cloud? Is it better to be experienced in different industries or be specialised in one as a Cloud Security Architect? The difference between Cloud Security Architect and DevSecOps Architect? Can a person be both? Is it valuable to do Comptia Security + ? Is there a myth in cloud security that you hear often? What are people not talking enough about in Cloud Security ? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this Christmas special episode of the Virtual Coffee with Ashish edition, we had a panel of successful CyberSecurity Podcast Hosts that answered questions about starting and running a successful CyberSecurity Podcast. Panel Participants: Host: Ashish Rajan - Twitter @hashishrajan, Host of Cloud Security Podcast Guest 1: Chris Cochran - Linkedin chriscochrancyber ,Podcast co-Host, Hacker Valley Studio Guest 2: James J Azar - Linkedin James-j-azar, Podcast host, The CyberHub Podcast In this episode, Ashish & Panelist spoke about The Journey - A bit about your podcast, how you got started? Thoughts on finding podcast niche? How do you find you “Voice”? Thoughts on audio vs video podcast format? The moments that make you most proud about your podcast? What does it take to start a podcast? 1st few things to consider? How to find podcast guests? Specially as a beginner? What are the big challenges of running a podcast? What is a Big NO in the world of podcasting for you ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Youtube Channel: https://lnkd.in/gUHqSai - Twitch Channel: https://lnkd.in/gxhFrqw

In this episode of the Virtual Coffee with Ashish edition, we spoke with Monica Verma, CISO Host: Ashish Rajan - Twitter @hashishrajan Guest: Monica Verma - Linkedin @monicaverma In this episode, Monica & Ashish spoke about What was your path into Cybersecurity? What does Cloud Security mean for you? How do you explain risk management to people? Can an organisation be risk free? Are there any obvious risk management considerations and challenges people should consider? What are some of the building blocks of risk management that people can start with? Which risk assessment strategy would you suggest for a new business? How has insider risk evolved with cloud? What are the top 10 risks in cloud security? Is there a security strategy roadmap for cloud security business leaders? Should cyber-resilience be the goal for an organisational security roadmap? Cyber secure vs cyber resilience, whats more important? What are the misconceptions about cloud that haven’t been de-mystified yet? Is it better from a risk standpoint to stick to one cloud vendor? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai